Contents

1   Description

This instruction describes how to configure the Ericsson Filter version. Such change can be triggered by the organization security policy.

2   Procedure

2.1   Configure Ericsson Filter Version

Prerequisites

• This instruction references the following documents:
  • Configure Ericsson LDAP Filter
  • Configure LDAP Basic Connection
  • Configure Target-Based Access Control
  • Configure TLS for LDAP
• No tools are required.
• The following conditions must apply:
  • The user has the System Security Administrator role.
  • The Managed Element (ME) is configured to connect with remote LDAP server, refer to Configure LDAP Basic Connection and Configure TLS for LDAP.
  • The LDAP server is configured for the ME.
  • profileFilter is set to ERICSSON_FILTER, refer to Configure Ericsson LDAP Filter.
  • The ME Target Type is set and TBAC is enabled, refer to Configure Target-Based Access Control.
  • The user profiles are updated with target qualifiers.
  • An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

Steps

1. Navigate to the EricssonFilter managed object, for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LdapAuthenticationMethod=1,Ldap=1,EricssonFilter=1

2. Enter Config mode:

   (EricssonFilter=1)>configure

3. Set the desired Ericsson Filter version, for example:

   (config-EricssonFilter=1)>version=1

4. Commit the settings:

   (config-EricssonFilter=1)>commit

5. Verify the result:

   (EricssonFilter=1)>show -r ..

   The following is an example output:

   Ldap=1 baseDn="dc=my-domain,dc=com" fallbackLdapIpAddress="192.168.0.11" ldapIpAddress="192.168.0.10" profileFilter=ERICSSON_FILTER EricssonFilter=1 targetBasedAccessControl=UNLOCKED version=1