Observer Matrix : Matrix CLI : Matrix CLI : system auth modify remote setting
   
system auth modify remote setting
The command system auth modify remote setting sets or modifies remote authentication server settings.
A list of available settings can be viewed by pressing TAB twice. The current value can be edited by pressing TAB twice after typing a valid setting name. Available settings are listed by remote authentication server type.
 
Usage
system auth modify remote setting <Setting> <Value>
 
 
Parameters
Parameter
Description
ldap.host
The host address of the LDAP server. Required.
ldap.port
The port number accepting connections to the LDAP server. The default is 389.
ldap.baseDn
The Base Distinguished Name is the point in the directory tree from which users are verified. This might be the root or some place lower in the tree to limit the number of users returned. Required.
ldap.version
The LDAP protocol version the LDAP server uses.
ldap.useTLS
Sets the LDAP connection to use TLS.
The security type for authenticating and encrypting connections.
ldap.useSSL
Sets the LDAP connection to use SSL.
The security type for authenticating and encrypting connections.
ldap.bindDn
The Bind Distinguished Name (Bind DN) is required for importing user accounts from the LDAP server.
ldap.bindPwd
The password of the Bind DN.
ldap.timeout
The duration (in seconds) a connection attempt waits before aborting. The default is 10.
ldap.userFilter
The user filter restricts who may use the Observer Platform. The filter limits what part of the LDAP tree is used to validate user accounts so that OMS does not have large lists of users who do not require access to the Observer Platform. Required.
ldap.userIdAttribute
The name of the attribute in which the user ID for each user is stored. If no user ID attribute is provided, then IDs are created sequentially starting with 90000000.
ldap.userNameAttribute
The name of the attribute in which the user name for each user is stored. Required. This used primarily when importing users. When importing users, values in the uid attribute are mapped to the Username field for display in the Users list.
ldap.userDescAttribute
The name of the attribute in which the description for each user is stored. This used primarily when importing users. When importing users, values in the displayName attribute are mapped to the Description field for display in the Users list.
ldap.userDn
The User Distinguished Name (DN) is a user that will authenticate to the LDAP tree using a bind request. This user will be someone with access to search all or part of the LDAP directory tree. If left blank, and anonymous bind request is used.
ldapAD.host
The host address of the Active Directory server.
ldapAD.port
The port number of the Active Directory server. The default is 389.
ldapAD.version
The protocol version of LDAP the Active Directory host uses.
ldapAD.timeout
The duration (in seconds) a connection attempt waits before aborting. The default is 10.
ldapAD.useTLS
Sets the Active Directory connection to use TLS.
The security type for authenticating and encrypting connections.
ldapAD.useSSL
Sets the Active Directory connection to use SSL.
The security type for authenticating and encrypting connections.
ldapAD.domain
The parent domain name.
ldapAD.baseDn
The Base Distinguished Name is the point in the directory tree from which users are verified. This might be the root or some place lower in the tree to limit the number of users returned. Required.
nims.retryCount
The maximum number of connection retries per authentication attempt.
nims.timeout
The duration a connection attempt waits before aborting.
nims.host1
The first OMS server host name or IP address.
At least one OMS server is required. If two servers are declared, the first server is used unless unreachable.
nims.host2
The second OMS server host name or IP address.
At least one OMS server is required. If two servers are declared, the first server is used unless unreachable.
nims.keyfile
A OMS authentication server keyfile is required when using OMS.
radius.sharedSecret
Providing the shared secret, a text string, is necessary for authenticating with the RADIUS host.
radius.authType
The authentication method of the server(s) must be specified.
radius.retryCount
The maximum number of connection retries per authentication attempt.
radius.timeout
The amount of time to wait for a response per RADIUS request.
The duration a connection attempt waits before aborting.
radius.host1
The first RADIUS server host name or IP address.
One RADIUS server is required. If two servers are declared, the first server is used unless unreachable.
radius.port1
The authentication port of the first RADIUS server.
Modern port assignments for RADIUS access servers are UDP 1812 and 1813.
radius.host2
The second RADIUS server host name or IP address.
One RADIUS server is required. If two servers are declared, the first server is used unless unreachable.
radius.port2
The authentication port of the second RADIUS server.
Modern port assignments for RADIUS access servers are UDP 1812 and 1813.
tacacs.sharedSecret
The shared secret for the TACACS+ server.
Providing the pre-shared key, a secret text string, is necessary for authenticating with the TACACS+ host.
tacacs.authType
The authentication protocol the TACACS+ server accepts requests over must be specified.
tacacs.host1
The first TACACS+ server host name or IP address.
One TACACS+ server is required. If two servers are declared, the first server is used unless unreachable.
tacacs.port1
The authentication port of the first TACACS+ server.
The standard port assignment for TACACS+ login is TCP port 49.
tacacs.host2
The second TACACS+ server host name or IP address.
One TACACS+ server is required. If two servers are declared, the first server is used unless unreachable.
tacacs.port2
The authentication port of the second TACACS+ server.
The standard port assignment for TACACS+ login is TCP port 49.
 
 
Examples
matrix_host# system auth modify remote setting ldap.host 10.0.64.81 Sets the remote LDAP server to 10.0.64.81
matrix_host# system auth modify remote setting ldap.port 686 Sets the remote LDAP server port to 668