Tripp Lite B022-U08-IP Check the Enable Ldap Authentication checkbox, Anms LDAP/S Configuration

Page 35

7. Administration (continued)

7.2.3 Remote OSD Administration Tab (continued)

To allow authentication and authorization via LDAP/S, do the following:

1.Check the Enable LDAP Authentication checkbox.

2.Select LDAP or LDAPS.

3.Determine whether to enable authorization or not.

If the Enable Authorization checkbox is checked, the LDAP/S server directly returns a ‘permission’ attribute and authorization for the account that is logging in. With this selection, the LDAP schema must be extended.

If the Enable Authorization checkbox is not checked, the LDAP/S server indicates whether the account that is logging in is a member of the KVM Admin Group or not. If yes, the account has full access rights. If no, the account has user access rights (See the User Management section of this manual for details on account permissions).

4.Enter the appropriate IP address and access port for the LDAP or LDAPS server in the LDAP Server IP and Port fields. The default port number for LDAP is 389, and is 636 for LDAPS.

5.In the Timeout (Seconds) field, enter the time in seconds that the

KVM waits for an LDAP or LDAPS server reply before it times out.

6.Consult the LDAP/S administrator about the appropriate entry for the LDAP Administrator DN field. For example, the entry might look like this: cn=LDAPAdmin,ou=B022-U08-

IP,dc=tripplite,dc=com

7.In the LDAP Admin Password field, key in the LDAP administrator’s password.

8.In the Search DN field, set the distinguished name of the search base (i.e. the domain name where the search starts for the user name). Note: If the Enable Authorization checkbox is not checked, this field must include the entry where the KVM Admin Group is created. Consult the LDAP/S administrator about the appropriate entry for this.

9.In the Admin Group field, key in the group name for KVM administrator accounts. Note: If the Enable Authorization checkbox is not checked, this field is used to authorize accounts that are logging in. Accounts that are in this group have full access rights to the KVM. Accounts that are not in this group have user access rights to the KVM (See the User Management section of this manual for details on account permissions). Consult the LDAP/S administrator about the appropriate entry for this.

10.On the LDAP server, set the access rights for each user (The following sections describe how to configure LDAP/S for use with the KVM switch).

ANMS – LDAP/S Configuration

To allow authentication and authorization via LDAP or LDAPS, the active directory’s LDAP Schema must be extended so that an extended attribute name for the KVM—permission—is added as an optional attribute to the person class.

Note: Authentication refers to the identity verification of the person logging into the KVM switch, whereas Authorization refers to the assigning of device permissions.

In order to configure the LDAP server, you will have to complete the following procedures:

1.Install the Windows Support Tools.

2.Install the Active Directory Schema Snap-In.

3.Extend and Update the Active Directory Schema.

Each of these procedures is described in the following sections:

Install the Windows Support Tools

1.On the Windows Server, open the Support Tools folder.

2.In the right panel of the dialog box that comes up, double click SupTools.msi.

3.Follow along with the Installation Wizard to complete the procedure.

Install the Active Directory Schema Snap-In

1.Open a Command prompt.

2.Key in regsvr32 schmmgmt.dll to register schmmgmt.dll on your computer.

3.Open the Start menu. Click Run and key in mmc /a. Click OK.

4.In the File menu of the screen that appears, click Add/Remove Snap-in, and then click Add.

5.Under Available Standalone Snap-ins, double click Active Directory Schema, click Close and then click OK.

6.On the screen you are in, open the File menu and click Save.

7.When prompted where to save, specify the C:\Windows\system32 directory.

8.Key in the filename schmmgmt.msc.

9.Click Save to complete the procedure.

Extend and Update the Active Directory Schema – Create a New Attribute

1.Open Control Panel Administrative Tools Active Directory Schema.

2.In the left panel of the screen that comes up, right-click Attributes.

3.Select New Attribute.

35

Page 34 Page 36
Image 35
Page 34 Page 36
Contents Model # B022-U08-IP Table of Contents Introduction Package ContentsFCC Information User NoticeSupported operating systems are shown in the table, below System RequirementsComponents Rack Mounting Safety Instructions InstallationGeneral Safety Instructions Standard Rack Mounting Single Stage InstallationRack Mounting Instructions GroundingNetwork Setup-IP Address Configuration Multi-Stage Daisy-chain InstallationIP Installer DNS server field is optional Installation Sharing USB Peripheral Devices Powering Off and RestartingLocal Console Login KVM OperationKey Description Local Console Port AccessOther Hotkeys Invoking the Hotkey ModeWhen Hotkey Mode has been invoked Port Control HotkeysHotkey Mode Invocation Sequence Auto Scan ModeSkip Mode Computer Keyboard/Mouse ResetHotkey Summary Table Hotkey Operation Hotkey Command DescriptionLogging Into the KVM over IP Logging In via the AP Windows Client Web Browser and Non-Browser Remote Port Access Icon Description Port Access via Remote OSDWindows ME Mouse Synchronization ProceduresWindows Windows XP / Server 2003 / VistaRemote Auto Scan Action Hotkey Description Hotkey SetupConfiguring the Hotkeys Video SettingsGray Scale Gamma AdjustmentSetting Description Video Auto SyncCtrl-Alt-Del User List PanelCompose Panel Message Display PanelUser AdministrationLocal OSD Remote OSD ALL Local Console OSDPort that is currently active Local Console OSD F4 Administration ADM Local Console Firmware Upgrade Remote OSD Firmware Upgrade RecoveryRemote OSD Configuration Tab User Management General InformationNetwork User Management Port AccessNetwork Access Ports User Management PermissionsAnms Access RightsInstall the Active Directory Schema Snap-In Check the Enable Ldap Authentication checkboxAnms LDAP/S Configuration Install the Windows Support ToolsAdministration Character Description Access Rights DescriptionPermission Attribute Value \Program Files\OpenLDAP OpenLDAP Server InstallationOpenLDAP Server Configuration Anms OpenLDAP ServerLdap Data Stucture Customizing the OpenLDAP SchemaSecurity Using the New SchemaAnms Log Server Settings Security Default Webpage NameCustomization Mouse Sync Mode Customization Firmware UpgradeCustomization Login Failures Customization Working ModeCustomization I/O Reset on ExitReset Default Values Web Management InterfaceIP Address and DNS Server Access PortsDefault Webpage Name IP Installer SettingsRadius Settings LDAP/S Server Configuration Run Adsi Edit. Installed as part of the Support Tools Permission Attribute Value Starting the Open Ldap Server OpenLDAP Server InstallationOpenLDAP Server Ldap Data Structure Log Server SettingsPermissions Client Timeout ControlLogin Failure Reset Working ModeMouse Sync Mode Restore Configuration / User Accounts Firmware UpgradeBackup Configuration / User Accounts Menu Bar ConfigureLog Server Log Server Main Screen EventsOptions HelpEvent Panel List PanelSpecification B022-U08-IP SpecificationsSun Keyboard OSD Default SettingsKeyboard Emulation Mac KeyboardFCC Notice, Class a Warranty Registration
Related manuals
Manual 16 pages 37.5 Kb
Top Page Image Contents