Contents

1   Description

This instruction describes how to unlock the LDAP authentication method.

The LDAP authentication method is unlocked when the managed element is operational or when the administrator is preparing to test the execution of LDAP authentication.

2   Procedure

2.1   Unlock LDAP Authentication Method

Prerequisites

• This instruction references the following documents:
  • Configure LDAP Basic Connection
  • Configure TLS for LDAP
• No tools are required.
• The following conditions must apply:
  • The procedures in this document are performed either by a System Security Administrator or a local Linux® user belonging to the com-emergency group.
  • The Ldap managed object is configured according to Configure LDAP Basic Connection or Configure TLS for LDAP.
  • The LDAP administrative state is LOCKED.
  • An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

Note:  

It is possible to have a user with System Security Administrator role even before unlocking LDAP, if other access control methods are enabled in the ME, for example LocalAuthentication.

Steps

1. Navigate to the LdapAuthenticationMethod Managed Object (MO), for example:

   >dn ManagedElement=NODE06ST,SystemFunctions=1,SecM=1,UserManagement=1,LdapAuthenticationMethod=1

2. Enter Config mode:

   (LdapAuthenticationMethod=1)>configure

3. Unlock the LDAP authentication method:

   (config-LdapAuthenticationMethod=1)>administrativeState=UNLOCKED

4. Commit the setting:

   (config-LdapAuthenticationMethod=1)>commit

5. Verify the result:

   (LdapAuthenticationMethod=1)>show

   The following is an example output:

   LdapAuthenticationMethod=1 administrativeState=UNLOCKED Ldap=1

The LDAP authentication is now enabled. Users with a security profile in the LDAP server can authenticate with the managed element.