Contents

1   Introduction

This document describes how to configure the Ericsson Filter version. Such change can be triggered by the organization security policy.

1.1   Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1   Conditions

The following conditions must apply:

• The user has the System Security Administrator role.
• The Managed Element (ME) is configured to connect with remote LDAP server, refer to Configure LDAP Basic Connection and Configure TLS for LDAP.
• The LDAP server is configured for the ME.
• profileFilter is set to ERICSSON_FILTER, refer to Configure Ericsson LDAP Filter.
• The ME Target Type is set and TBAC is enabled, refer to Configure Target-Based Access Control.
• The user profiles are updated with target qualifiers.
• An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

2   Procedure

To set the version attribute in EricssonFilter Managed Object (MO):

1. Navigate to the EricssonFilter MO, for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LdapAuthenticationMethod=1,Ldap=1,EricssonFilter=1

2. Enter Config mode:

   (EricssonFilter=1)>configure

3. Set the desired Ericsson Filter version, for example:

   (config-EricssonFilter=1)>version=1

4. Commit the settings:

   (config-EricssonFilter=1)>commit

5. Verify the result:

   (EricssonFilter=1)>show -r ..

   The following is an example output:

   Ldap=1 baseDn="dc=my-domain,dc=com" fallbackLdapIpAddress="192.168.0.11" ldapIpAddress="192.168.0.10" profileFilter=ERICSSON_FILTER EricssonFilter=1 targetBasedAccessControl=UNLOCKED version=1