[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]


Changing the Directory Access Configuration for the SRC CLI

On Solaris platforms, configure the CLI to use the directory that stores SRC configuration data.

Configuration Statements for CLI Directory Access

Use the following configuration statements to change the connection to the directory that stores SRC configuration information. You enter the system ldap client statement at the [edit] hierarchy level:

system ldap client {
    base-dn base-dn; 
    url url; 
    backup-urls backup-urls; 
    authentication-dn authentication-dn; 
    credentials credentials;
    connect-timeout connect-timeout; 
    time-limit time-limit; 
    eventing; 
    polling-interval polling-interval; 
    connection-manager-id connection-manager-id; 
    dispatcher-pool-size dispatcher-pool-size; 
    event-base-dn event-base-dn; 
    signature-dn signature-dn; 
    blacklist; 
}


NOTE: Do not change the value for the enable-eventing, polling-interval, connection-manager-id, dispatcher-pool-size, or event-base-dn statements unless instructed to do so by Juniper Networks.

The eventing statement is enabled by default.

Changing Directory Access Properties

Use the following configuration statements to change connection properties for the directory that stores SRC configuration data:

system ldap client {
    base-dn base-dn; 
    url url; 
    backup-urls [backup-urls...]; 
    principal principal; 
    credentials credentials;
    timeout timeout; 
    time-limit time-limit; 
}

NOTE: Before you change directory connection properties, make sure that all configuration changes have been committed.

To change connection information to the directory that stores SRC configuration information:

  1. From configuration mode, access the configuration statement that configures the directory connection.
  2. [edit]
    
    user@host# edit system ldap client
    
    
    
  3. (Optional) Change the DN of the root directory to store SRC configuration information. You can use the default root o=umc.
  4. [edit system ldap client]
    
    user@host# set base-dn base-dn 
    
    
    
  5. (Optional) Change the URL that identifies the location of the primary directory server.
  6. [edit system ldap client]
    
    user@host# set url url 
    
    
    
  7. (Optional) Specify URLs that identify the locations of backup directory servers.
  8. [edit system ldap client]
    
    user@host# set backup-urls backup-url-n backup-url-n2
    
    
    

Backup servers are used if the primary directory server is not accessible.

  1. (Optional) Change the DN that defines the username with which an SRC component accesses the directory.
  2. [edit system ldap client]
    
    user@host# set principal principal
    
    
    

For example:

[edit system ldap client]
user@host# set principal-dn cn=area1,o=Operators,o=umc

  1. (Optional) Change the password used for authentication with the directory server.
  2. [edit system ldap client]
    
    user@host# set credentials credentials
    
    
    
  3. (Optional) Specify the maximum amount of time during which the directory must respond to a connection request.
  4. [edit system ldap client]
    
    user@host# set timeout timeout 
    
    
    
  5. (Optional) Specify the length of time to wait for a connection to the directory to be established. If you set the value to 0, there is no time limit.
  6. [edit system ldap client]
    
    user@host# set time-limit time-limit 
    
    
    
  7. (Optional) Change directory eventing properties for the CLI.

    NOTE: Do not change the value for the enable-eventing, polling-interval, connection-manager-id, dispatcher-pool-size, or event-base-dn statements unless instructed to do so by Juniper Networks.

    The eventing statement is enabled by default.


    .

In most cases, you use the default configuration for directory eventing properties. For information about changing directory eventing properties, see Chapter 30, Configuring Local Properties with the SRC CLI.

Verifying the Configuration for Directory Access

To verify the configuration for directory connections:

  1. From configuration mode, access the configuration statement that configures the directory connection for the CLI.
  2. [edit]
    
    user@host# edit system ldap client
    
    
    
  3. Run the show command. For example:
  4. [edit system ldap client]
    
    user@host# show 
    
    base-dn o=UMC;
    
    url ldap://127.0.0.1;
    
    principal cn=cli,ou=components,o=operators,<base>;
    
    credentials ********;
    
    timeout 10;
    
    time-limit 5000;
    
    eventing;
    
    polling-interval 30;
    
    connection-manager-id CLI_DATA_MANAGER;
    
    dispatcher-pool-size 1;
    
    event-base-dn o=UMC;
    
    signature-dn o=UMC;
    
    blacklist;
    
    
    

[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]