lsauthcfg

Use the lsauthcfg command to show the configuration being used for server base authentication, if any.

Syntax

Parameters

-help | -h | -?

Lists help for the command. If you specify additional parameters and arguments, those parameters and arguments are ignored.

-s

Displays default information about each user and user group, including the name, classification, and role.

-l

Displays detailed information for each user and user group, including:

Column label	Details
Server	The domain or IP address of the LDAP or Active Directory server being used for user authentication.
Port	The LDAP or Active Directory server \|port number.
Role	The role of authentication server: Primary or Failover.
Type	The type of authentication server: LDAP or Active Directory.
BindDN	The binding DN of the user configured to access the LDAP server.
BaseDN	The LDAP base DN
Username	The username being used to access the Active Directory domain.
Domain	The domain of the user represented by \|the username field.
Custom	If 'Yes', indicates the current LDAP or Active Directory configuration was not created using the provided API. It was manually created by the user and extends a basic LDAP configuration by including additional parameters. If 'No', indicates the configuration is a basic configuration.

-fmt { default | xml | delim | stanza }

Specifies the format of the output. You can specify one of these values:

default

Specifies that the output is displayed in tabular format using spaces as delimiters between columns. This is the default value.

xml

Specifies that the output is displayed in XML format.

delim

Specifies that output is displayed in a tabular format using commas as delimiters between columns.

To use a character other than a comma as the delimiter, specify -fmt delim -delim char , where char represents the character that you want to use as the delimiter. For example, if you want to use a colon (:) as the delimiter, use the following -fmt parameter:

-fmt delim -delim :

If you use a shell metacharacter as the delimiting character, enclose the character in quotation marks or single quotation marks. A blank space is not a valid character.

stanza

Specifies that the output is displayed as one keyword-value pair per line.

-p { on | off }

Specifies whether to display one page of text at a time or all text at once.

on: Displays one page of text at a time. Pressing any key displays the next page. This is the default value when the command is run in interactive mode.
off: Displays all text at once. This is the default value when the command is run in single-shot mode.

-hdr { on | off }

Specifies whether to display the table header. You can specify one of these values:

on: Displays the table header. This is the default value.
off: Hides the table header.

-r number

Specifies the number of rows per page to display when the -p parameter is specified. You can specify a value of 1 - 100. The default value is 22.

-v { on | off }

Specifies whether to enable verbose mode. You can specify one of these values:

on: Enables verbose mode.
off: Disables verbose mode. This is the default value.

Example: Listing the configured LDAP servers

The following command lists the LDAP servers that are configured for user authentication.

csmcli> lsauthcfg

The following output is returned:

Server                          Port Role     Type
==================================================
tb080-ui.storage.tucson.ibm.com 1389 Primary  LDAP
test.ldap.server                1234 Failover LDAP
test.ldap2.server               5678 Failover LDAP

Example: Listing the configured Active Directory server

The following command lists the Active Directory servers that are configured for user authentication.

csmcli> lsauthcfg -l -fmt stanza

The following output is returned:

Server   nestorman.tuc.stglabs.ibm.com
Port     389
Role     Primary
Type     Active Directory
BindDN   cn=Administrator,cn=users,dc=HMIADDOM,dc=COM
BaseDN   cn=users,dc=HMIADDOM,dc=COM
Username Administrator
Domain   HMIADDOM.COM
Custom   No