home

Supported platforms

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Performing group-based LDAP authorization

If the LDAP search filter is configured to perform a group-based LDAP authorization, you might need to restrict (that is, adapt) the search base to search for groups.

To adjust the search base for groups, use the following command:


      vyatta@vyatta# set resources service-users ldap example.com group base-dn ou=Groups,dc=example,dc=com

Depending on the defined LDAP schema (RFC2307 or RFC2307bis), the member attribute is either memberuid or member for the group-based authentication.

If the LDAP schema used by the server requires a third variant that is not covered by either schema standard, use the following command:


      vyatta@vyatta# set resources service-users ldap example.com group member-attribute
 memberAttr