• Download PDF: Changing Access to the Directory that Stores SRC Configuration Data 

• Related Topics
• Verifying the Configuration for SRC Directory Access

Changing Access to the Directory that Stores SRC Configuration Data

Use the following configuration statements to change connection properties for the directory that stores SRC configuration data:

system ldap client {

base-dn base-dn ;

url url ;

backup-urls [ backup-urls ...];

principal principal ;

credentials credentials ;

timeout timeout ;

time-limit time-limit ;

}

Note: Before you change directory connection properties, make sure that all configuration changes have been committed.

To change connection information to the directory that stores SRC configuration information:

1. From configuration mode, access the configuration statement that configures the directory connection.

   [edit]

   user@host# edit system ldap client

2. (Optional) Change the DN of the root directory to store SRC configuration information. You can use the default root o=umc.

   [edit system ldap client]

   user@host# set base-dn base-dn

3. (Optional) Change the URL that identifies the location of the primary directory server.

   [edit system ldap client]

   user@host# set url url

4. (Optional) Specify URLs that identify the locations of backup directory servers.

   [edit system ldap client]

   user@host# set backup-urls backup-url-n backup-url-n2

   Backup servers are used if the primary directory server is not accessible.

5. (Optional) Change the DN that defines the username with which an SRC component accesses the directory.

   [edit system ldap client]

   user@host# set principal principal

   For example:

   [edit system ldap client]

   user@host# set principal-dn cn=area1,o=Operators,o=umc

6. (Optional) Change the password used for authentication with the directory server.

   [edit system ldap client]

   user@host# set credentials credentials

7. (Optional) Specify the maximum amount of time during which the directory must respond to a connection request.

   [edit system ldap client]

   user@host# set timeout timeout

8. (Optional) Specify the length of time to wait for a connection to the directory to be established. If you set the value to 0, there is no time limit.

   [edit system ldap client]

   user@host# set time-limit time-limit

9. (Optional) Change directory eventing properties for the CLI.

   Note: Do not change the value for the enable-eventing, polling-interval, connection-manager-id, dispatcher-pool-size, or event-base-dn statements unless instructed to do so by Juniper Networks. The eventing statement is enabled by default.

In most cases, you use the default configuration for directory eventing properties. .