mkldapserver
Use the mkldapserver command to display the data used to create a Lightweight Directory Access Protocol (LDAP) server.
Syntax
Parameters
- -ip ip_address_or_domain_name
- (Required) Specifies either a server IP address or domain name, or a fully qualified domain name (FQDN) (maximum of 256 characters). You can specify an optional fully qualified domain name after you establish a DNS server using the mkdnsserver command.
- -name server_name
- (Optional) Specifies the LDAP server name.
- -port port
- (Optional) Specifies the LDAP server port. The default value (if you do not specify a
value) is
389
. If you specify TLS security the value is389
and if you specify SSL security the value is636
. - -sslcert file_name
- (Optional) Set the SSL certificate.
- -basedn base_dn
- (Optional) Use the base distinguished name for search.
- -preferred
- (Optional) Specifies that this server is preferred over other configured LDAP servers.
Description
The -basedn parameter indicates the distinguished name (DN) to use as a base from which to search for users in the LDAP directory. If Transport Layer Security (TLS) is enabled and -sslcert is specified, the server certificate is verified during authentication. The secure socket layer (SSL) certificate must exist on the node being used, otherwise a server certificate is not checked.
The system must be configured with an appropriate version IP address when -ip is specified. The IP address specified with the -ip parameter must be of a version supported by the system. The certificate file must be in valid PEM format and have a maximum length of 12 kilobytes.
Distinguished names must be a sequence of
attribute=value
pairs separated by a comma (,),
semi-colon(;), or plus sign (+) escaping special
characters with a backslash (\) where appropriate, and specified UTF-8
characters using their byte encoding. For example, \, for commas or
\C4\87 for the UTF-8 character c acute.
This command runs whether or not LDAP authentication is enabled.
An invocation example
mkldapserver -ip 192.135.60.3
The resulting output:
LDAP Server, id [0], successfully created