Contents

1   Introduction

This document describes how to configure referral chasing. Such change can be triggered by the organization security policy.

1.1   Prerequisites

This section describes the prerequisites, which must be fulfilled before using the procedure.

1.1.1   Conditions

The following conditions must apply:

• The user has the System Security Administrator role.
• The Managed Element (ME) is configured to connect with remote LDAP server, refer to Configure LDAP Basic Connection and Configure TLS for LDAP.
• The LDAP server is configured for the ME.
• If the LDAP server is configured to return referrals, the returned referrals must point back to a directory tree within the same LDAP server instance; otherwise, access is denied for referred user accounts.
• An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

2   Procedure

To enable referral chasing in Ldap Managed Object (MO):

1. Navigate to the Ldap MO, for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LdapAuthenticationMethod=1,Ldap=1

2. Enter Config mode:

   (Ldap=1)>configure

3. Enable referral chasing (useReferrals) in Ldap Managed Object (MO), for example:

   (config-Ldap=1)>useReferrals=true

4. Commit the settings:

   (config-Ldap=1)>commit

5. Verify the result:

   (Ldap=1)>show

   The following is an example output:

   Ldap=1 baseDn="dc=my-domain,dc=com" bindDn="cn=proxyaccount,dc=ericsson,dc=com" bindPassword="1:XUC+jE8QV05dG57Ouv7hWi1s/wa+uWi0" fallbackLdapIpAddress="192.0.2.11" ldapIpAddress="192.0.2.10" useTls=false serverPort=1000 useReferrals=true