Configuring LDAP Access to Directory Data with the C-Web Interface

The tasks to configure LDAP access to directory data are:

1. Configuring Access Through LDAPS to Service and Subscriber Data
2. Configuring Access to Subscriber Data
3. Configuring Access to Service Data
4. Configuring Access to Policy Data
5. Configuring Access to the Persistent Login Cache
6. Configuring the Location of Network Device Data
7. Configuring the SAE to Manage Third-Party Devices
8. Configuring SAE Properties for Global Default SNMP Communities for Use with JUNOSe Routers and JUNOS Routing Platforms
9. Enabling Automatic Discovery of Changes in SAE Configuration Data
10. Setting the Timeout and Number of Events for SAE Directory Eventing (C-Web Interface)

Configuring Access Through LDAPS to Service and Subscriber Data

You can secure connections between a router and an external directory that contains service data or subscriber data, and you can configure the router to use LDAPS when it connects to the same data source.

To use LDAPS to secure connections between a router and an external directory:

1. Do one of the following:
   1. To configure service data, click Configure, expand Shared>SAE>LDAP, and then click Service Data.

      The Service Data pane appears.

   2. To configure subscriber data, click Configure, expand Shared>SAE>LDAP, and then click Subscriber Data.

      The Subscriber Data pane appears.

2. Click Create.
3. Select ldaps from the Secured LDAP Protocol list.
4. In the router initialization script you specify the directory context.

   The /opt/UMC/sae/lib/poolPublisher.py script and the /opt/UMC/sae/lib/IorPublisher.py script provide examples of how to configure a directory context, For example, from the /opt/UMC/sae/lib/IorPublisher.py script:

   dirContext = Ssp.registry.get('ServiceDataSource.component').getContext()

   In addition, you can change the directory context.

   For information about how to use InitialDirContext class or the DirContext class to specify directory context, see:

   http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/
   InitialDirContext.html

   http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html

Configuring Access to Subscriber Data

To configure SAE access to subscriber data:

1. Click Configure, expand Shared>SAE>LDAP, and then click Subscriber Data.

   The Subscriber Data pane appears.

2. Click Create, enter information as described in the Help text in the main pane, and then click Apply.

Configuring Access to Service Data

To configure SAE access to service data:

1. Click Configure, expand Shared>SAE>LDAP, and then click Service Data.

   The Service Data pane appears.

2. Click Create, enter information as described in the Help text in the main pane, and then click Apply.

Configuring Access to Policy Data

To configure SAE access to subscriber data:

1. Click Configure, expand Shared>SAE>LDAP, and then click Policy Data.

   The Policy Data pane appears.

2. Click Create, enter information as described in the Help text in the main pane, and then click Apply.

Configuring Access to the Persistent Login Cache

To configure SAE access to persistent login cache data:

1. Click Configure, expand Shared>SAE>LDAP, and then click Persistent Log Cache.

   The Persistent Login Cache pane appears.

2. Click Create, enter information as described in the Help text in the main pane, and then click Apply.

Configuring the Location of Network Device Data

To configure SAE access to network device data:

1. Click Configure, expand Shared>SAE, and then click Network Device Data.

   The Network Device Data pane appears.

2. Enter information as described in the Help text in the main pane, and click Apply.

Configuring the SAE to Manage Third-Party Devices

To configure SAE drivers for third-party devices:

1. Click Configure, and expand Driver.
2. To configure the SAE to manage AAA NAS groups, under Driver expand Aaa, and then click Create. Enter information as described in the Help text in the main pane, and then click Apply.
3. To configure the SAE to manage PCMM devices, under Driver expand PCMM, and then click Create. Enter information as described in the Help text in the main pane, and then click Apply.
4. To configure device scripts, under Driver expand Scripts, and then click Create. Enter information as described in the Help text in the main pane, and then click Apply.

Configuring SAE Properties for Global Default SNMP Communities for Use with JUNOSe Routers and JUNOS Routing Platforms

To configure SAE properties for global default SNMP communities:

1. Click Configure, and expand Driver.
2. Under Driver expand SNMP, and then click Create. Enter information as described in the Help text in the main pane, and then click Apply.

Enabling Automatic Discovery of Changes in SAE Configuration Data

To enable automatic discovery of changes in SAE configuration data:

1. Click Configure, expand Shared>SAE, and then click LDAP.

   The LDAP pane appears.

2. Click Create, enable the Enable Directory Eventing box as described in the Help text in the main pane, and then click Apply.

Setting the Timeout and Number of Events for SAE Directory Eventing (C-Web Interface)

To configure the directory eventing timeout and the number of simultaneous events that the SAE can receive from the directory:

1. Click Configure, expand Shared>SAE>LDAP, and then click Directory Eventing.

   The Directory Eventing pane appears.

2. Click Create, enter information as described in the Help text in the main pane, and then click Apply.

Related Topics

• For information about setting up SAE groups, see Configuring an SAE Group.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.