Setting The Global Ldap Server Timeout Value; Configuring Aaa Server Groups; Creating A Tacacs+, Radius, Or Ldap Server Group; Setting The Dead-Time Interval For A Tacacs+ Server Group - Cisco 4700M Configuration Manual

Configuring the ACE as a Client of a RADIUS, TACACS+, or LDAP Server

Setting the Global LDAP Server Timeout Value

Configuring AAA Server Groups

Cisco 4700 Series Application Control Engine Appliance Security Configuration Guide
2-38
By default, the ACE waits 5 seconds to receive a response from an LDAP server
before it declares a timeout failure and attempts to contact the next server in the
group. Use the ldap-server timeout command to globally change the time
interval that the ACE waits for the LDAP server to reply to a response before it
declares a timeout failure. The ACE applies this global timeout value to those
LDAP servers for which a timeout value is not individually configured by the
ldap-server host command.
The syntax of this command is as follows:
ldap-server timeout seconds
The seconds argument is the timeout value in seconds. Valid entries are from 1 to
60 seconds. The default is 5 seconds.
For example, to globally configure the timeout value to 30 seconds, enter:
host1/Admin(config)# ldap-server timeout 30
To change to the default of 5 seconds between transmission attempts, enter:
host1/Admin(config)# no ldap-server timeout 30
This section contains the following topics:

Creating a TACACS+, RADIUS, or LDAP Server Group

•

Setting the Dead-Time Interval for a TACACS+ Server Group

•

Setting the Dead-Time Interval for a RADIUS Server Group

•
Configuring the User Profile Attribute Type for an LDAP Server Group
•
Configuring the Base DN for an LDAP Server Group
•
• Configuring the Search Filter for an LDAP Server Group
Chapter 2 Configuring Authentication and Accounting Services
OL-16202-01