Configuring Directory Connection Properties
Use the following configuration statements to configure directory properties for a component:
slotnumber component-name
initial directory-connection {urlurl
;backup-urls [backup-urls
...];principalprincipal
;credentialscredentials
;protocol (ldaps);timeouttimeout
;check-intervalcheck-interval
;blacklist;snmp-agent;}To configure directory connection properties for a component:
- From configuration mode, access the configuration statement that specifies the directory configuration for a component on a slot.
user@host#edit slot
number component
initial directory-connection
user@host#edit slot 0 nic initial directory-connection
- Specify the URL that identifies the location of the primary directory server.
[edit slot 0 nic initial directory-connection]user@host#set
urlurl
On a C-series Controller, this value is ldap://127.0.0.1:389.
- (Optional) Specify URLs that identify the locations of backup directory servers. Backup servers are used if the primary directory server is not accessible.
[edit slot 0 nic initial directory-connection]user@host#set
backup-urlsdirectory-backup-url1 directory-backup-url2
- Specify the DN that the SRC component uses for authentication to access the directory.
[edit slot 0 nic initial directory-connection]user@host#set
principalprincipal
- Specify the password with which the SRC component accesses the directory.
[edit slot 0 nic initial directory-connection]user@host#set
credentialscredentials
- (Optional) Specify whether the connection to the directory uses secure LDAP. If you do not configure a security protocol, plain socket is used.
[edit slot 0 nic initial directory-connection]user@host#set
protocol ldaps- (Optional) Specify the maximum amount of time during which the directory must respond to a connection request.
[edit slot 0 nic initial directory-connection]user@host#set timeout
timeout
- (Optional) Specify the time interval at which the software attempts to connect to the directory.
[edit slot 0 nic initial directory-connection]user@host#set check-interval
check-interva
l- (Optional) Enable the directory eventing system to prevent a connection to a directory after the directory fails to respond during an interval in which the directory was polled 10 times.
[edit slot 0 nic initial directory-connection]user@host#set blacklist
- Specify that the SDX SNMP agent exports MIBs for this directory connection.
[edit slot 0 nic initial directory-connection]user@host#set snmp-agent