LDAP Accessor Files
The ldapaccessor.gen file stores the settings used by the LDAP data accessor plug-in. Theldapaccessor.gen file is composed of several sections. Section names are enclosed in square brackets.
[Settings] Section
[Settings] Section
The [Settings] section (Table 166) of the ldapaccessor.gen file defines parameters that control the database connection.
Table 166: ldapacccessor.gen [Settings] Fields
Field | Description |
|---|---|
MethodName | Identifies the name under which the data accessor registers itself with Steel-Belted Radius Carrier. Default value is LDAP Accessor. |
Timeout | Specifies the number of seconds that a request waits for execution before it is discarded. Because as many as MaxConcurrent LDAP statements can be executing at one time, new requests must be queued as they arrive until other statements are processed. |
ConnectTimeout | Specifies the number of seconds to wait when attempting to establish the connection to the LDAP directory before timing out. This value is passed to the client LDAP directory, which might or might not implement the feature. Default value is 25 seconds. |
QueryTimeout | Specifies the number of seconds to wait for a response to a query before timing out. This value is passed to the client LDAP directory, which might or might not implement the feature. Default value is 10 seconds. |
WaitReconnect | Specifies the number of seconds to wait after a failure of the LDAP directory connection before trying to connect again. Default value is 2 seconds. |
MaxWaitReconnect | Specifies the maximum number of seconds to wait after successive failures to reconnect after a failure of the LDAP directory connection. The WaitReconnect setting specifies the time to wait after failure of the LDAP directory connection. This value is doubled on each failed attempt to reconnect, up to the value of the number of seconds specified by the MaxWaitReconnect setting. Default value is 360 seconds (6 minutes). |
UpperCaseName | Specifies whether the username is converted to uppercase. Choices are: 0 (preserve the case of the username), 1 (convert username to uppercase). Default value is 0. |
Search | The value of this field is a string, name. The name specifies an LDAP Search request by referencing a [Search/name] section elsewhere in the file. |
SSL | Specifies whether to use SSL over the LDAP connection. The choices are: 0 (do not use SSL), 1 (use SSL). Default value is 0. |
[Request] Section
[Request] Section
You must use the [Request] section of ldapaccessor.gen to bind the KeyToRecord variable provided in the gsmmap.gen file to the Key variable used in the LDAP search definitions. The value specified here (Key) must match the value specified in the [Search/DoLdapSearch] section.
See Detailed Use Cases for more information about key fields.
Do not modify the KeyToRecord keyword in the [Request] section. The value KeyToRecord is hard-coded into the gsmmap.gen file.
[Response] Section
[Response] Section
The [Response] section of the ldapaccessor.gen file maps the information retrieved by the LDAP search to values expected by the gsmmap module. Do not change the [Response] section unless instructed to do so by Juniper Networks Technical Services.
[Attributes/AttrList] Section
[Attributes/AttrList] Section
The [Attributes/AttrList] section identifies the attributes contained in the LDAP schema. Replace the attribute names in the sample file with the attributes used at your site.
[Attributes/AttrList] wlanMSISDN wlanIMSI wlanAuthorization wlanPrepayFlag