39Step Command Remarks4. (Optional.) Specify the usersearch scope.search-scope { all-level |single-level }By default, the user search scope isall-level.5. (Optional.) Specify theusername attribute.user-parametersuser-name-attribute{ name-attribute | cn | uid }By default, the username attributeis cn.6. (Optional.) Specify theusername format.user-parametersuser-name-format { with-domain |without-domain }By default, the username format iswithout-domain.7. (Optional.) Specify the userobject class.user-parameters user-object-classobject-class-nameBy default, no user object isspecified, and the default userobject class on the LDAP server isused.Creating an LDAP schemeYou can configure up to 16 LDAP schemes. An LDAP scheme can be referenced by multiple ISP domains.To create an LDAP scheme:Step Command Remarks1. Enter system view. system-view N/A2. Create an LDAP schemeand enter its view. ldap scheme ldap-scheme-name By default, no LDAP scheme is defined.Specifying the LDAP authentication serverStep Command Remarks1. Enter system view. system-view N/A2. Enter LDAP scheme view. ldap scheme ldap-scheme-name N/A3. Specify the LDAPauthentication server. authentication-server server-name By default, no LDAP authenticationserver is specified.Displaying and maintaining LDAPExecute the display command in any view.Task CommandDisplay the configuration of LDAP schemes. display ldap scheme [ scheme-name ]Configuring AAA methods for ISP domainsYou configure AAA methods for an ISP domain by referencing configured AAA schemes in ISP domainview. Each ISP domain has a set of system-defined AAA methods, which are local authentication, localauthorization, and local accounting. If you do not configure any AAA methods for an ISP domain, thedevice uses the system-defined AAA methods for users in the domain.