Contents

1   Description

This instruction describes how to configure referral chasing. Such change can be triggered by the organization security policy.

2   Procedure

2.1   Configure Referral Chasing

Prerequisites

• This instruction references the following documents:
  • Configure LDAP Basic Connection
  • Configure TLS for LDAP
• No tools are required.
• The following conditions must apply:
  • The user has the System Security Administrator role.
  • The Managed Element (ME) is configured to connect with remote LDAP server, refer to Configure LDAP Basic Connection and Configure TLS for LDAP.
  • The LDAP server is configured for the ME.
  • If the LDAP server is configured to return referrals, the returned referrals must point back to a directory tree within the same LDAP server instance; otherwise, access is denied for referred user accounts.
  • An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

Steps

1. Navigate to the Ldap Managed Object (MO), for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LdapAuthenticationMethod=1,Ldap=1

2. Enter Config mode:

   (Ldap=1)>configure

3. Enable referral chasing (useReferrals) in the Ldap (MO), for example:

   (config-Ldap=1)>useReferrals=true

4. Commit the settings:

   (config-Ldap=1)>commit

5. Verify the result:

   (Ldap=1)>show

   The following is an example output:

   Ldap=1 baseDn="dc=my-domain,dc=com" bindDn="cn=proxyaccount,dc=ericsson,dc=com" bindPassword="1:XUC+jE8QV05dG57Ouv7hWi1s/wa+uWi0" fallbackLdapIpAddress="192.0.2.11" ldapIpAddress="192.0.2.10" useTls=false serverPort=1000 useReferrals=true