Tripp Lite B051-000 IP Radius Settings, Ldap Authentication Settings, Character Meaning

Page 19

Administration

RADIUS Settings

To allow authorization for the B051-000 through a RADIUS server, do the following:

1.Check Enable in the RADIUS section of the ANMS screen.

2.Fill in the IP addresses and port numbers for the Primary and Alternate RADIUS servers.

3.In the Timeout field, set the time in seconds that the B051-000 waits for a RADIUS server reply before it times out.

4.In the Retries field, set the number of allowed RADIUS retries.

5.In the Shared Secret field, key in the character string that you want to use for authentication between the B051-000 and the RADIUS Server.

6.On the RADIUS server, set the access rights for each user according to the information in the table below:

Character

Meaning

 

 

C

Grants the user administrator privileges, allowing the user to configure the system.

 

 

W

Allows the user to access the system via the Windows Client program.

 

 

J

Allows the user to access the system via the Java applet.

 

 

L

Allows the user to access log information via the user’s browser.

 

 

V

Limits the user’s access to only viewing the video display.

 

 

S

Allows the user to use the Virtual Media function.

 

 

RADIUS Server access rights examples are given in the table, below:

String

Meaning

C, W

User has administrator privileges; user can access the system via the Windows Client.

W, J, L

User can access the system via the Windows Client; user can access the system via the Java Applet; user can access log

information via the user’s browser.

 

 

 

Note: Characters are not case sensitive. Characters are comma delimited.

LDAP Authentication Settings

To allow authentication and authorization for the B051-000 via LDAPS, do the following:

Item

Description

 

 

Enable

Put a check in the Enable checkbox to allow LDAP / LDAPS authentication and authorization.

 

 

LDAP / LDAPS

Click to specify whether to use LDAP or LDAPS.

 

 

 

Click on Enable Authorization if you want it enabled.

 

1. If enabled, the LDAP / LDAPS server directly returns a ‘permission’ attribute and authorization for the user that is

 

logging in. With this selection the LDAP schema must be extended. (See LDAP Server Configuration, page xx, for

Enable Authorization

details.)

2. If not enabled, the server returns a result that depends on whether the user that is logging in belongs to the B051-000

 

 

Admin Group. If the result is ‘yes’ the user has full access rights (See Administrator Access Rights, page 22); if the result

 

is ‘no’, the user has limited access rights. (See User Access Rights, page 22.)

 

Note: Consult the LDAP / LDAPS administrator to ascertain whether to enable the Enable Authorization function, or not.

 

 

LDAP Server IP and

Fill in the IP address and port number for the LDAP or LDAPS server. For LDAP, the default port number is 389; for

Port

LDAPS, the default port number is 636.

 

 

Timeout

Set the time in seconds that the B051-000 waits for an LDAP or LDAPS server reply before it times out.

 

 

LDAP Administrator

Consult the LDAP / LDAPS administrator to ascertain the appropriate entry for this field. For example, the entry might

DN

look like this: cn=LDAPAdmin,ou=b051-000,dc=tripp lite,dc=com

LDAP Administrator

Key in the LDAP administrator’s password.

Password

 

 

Set the distinguished name of the search base. This is the domain name where the search starts for user names.

Search DN

Note: If Enable Authorization is not checked, this field must include the entry where the B051-000 Admin Group is

 

created. Consult the LDAP / LDAPS administrator to ascertain the appropriate value.

 

 

 

Key in the Group Name for B051-000 administrators.

B051-000 Admin

Note: If Enable Authorization is not checked, this field is used to authorize users that are logging in. If a user is in this

Group

group, the user receives full access rights. If a user is not in this group, the user only receives limited access rights.

 

Consult the LDAP / LDAPS administrator to ascertain the appropriate value.

 

 

19

Image 19
Contents Model IP Remote Access UnitTable of Contents Appendix System Requirements FeaturesResolution Refresh Rates IntroductionVirtual Media Support CablesOperating Systems BrowsersRear View ComponentsFront View Component DescriptionRack Mounting Safety Instructions Hardware SetupSafety Instructions General Safety InstructionsRack Mounting Setup InstructionsDIN Rail Mounting Installation Browser Setting up an IP AddressIP Installer IP Address DeterminationAP Windows Client Logging Browser LoginInstalling the Certificate Click Install CertificateRemote Console Preview Administration IconsScreen Elements Utility IconsComputer Field Explanation AdministrationGeneral NetworkDNS Server Access PortsIP Installer Settings IP AddressIP Filtering SecurityOverview FilteringMAC Filtering Advanced Network Management Settings AnmsString Meaning Radius SettingsLdap Authentication Settings Character MeaningActive Directory Ldap ConfigurationSelect New → Attribute Administration User Value Meaning Access rights examples are given in the table belowStarting the OpenLDAP Server OpenLDAP Server InstallationOpenLDAP Server Configuration OpenLDAP ServerLdap Data Structure Customizing the OpenLDAP SchemaLdap DIT Design and Ldif File DIT CreationLog Server Settings Using the New SchemaUser Management Customization Parameter Explanation MaintenanceFirmware Upgrade Backup Configuration / User AccountsRestore Configuration / User Accounts Mouse Synchronization Tips Windows ClientStarting Up NavigationSun / Linux Windows Client Control Panel Hotkey SetupIcon Description Grayscale Video SettingsConfiguring the Hotkeys Action Description Default HotkeyMessage Board Virtual MediaVirtual Media Icons Exit Button BarCtrl+Alt+Del On-Screen KeyboardClick the Pointer Options tab Java AppletWindows Java Applet Control Panel Ctrl + F12 + Del Button Function Ctrl+Alt+Del Log File Screen Log FileAdd ConfigureLog Server Menu BarSearch EventsEdit DeleteHelp OptionsList Panel Log Server Main ScreenEvent Panel Windows Client Connection Screen AP OperationStart → All Programs → B051-000 → iClient General Administrator UtilityNetwork Access PortsOverview Finishing UpTo delete a MAC Filter IP FilteringTo delete an IP Filter To modify an IP FilterAnms Active Directory Install the Windows 2003 Support ToolsInstall the Active Directory Schema Snap-in Extend and Update the Active Directory SchemaLocate the user you wish to edit. Our example uses jason With IP addresses of 10.0.0.166 OpenLDAP Server Ldap Data Structure DIT Creation User Management Timeout, Login failure, and Working mode parameters AP Java Client Upgrading the FirmwareJava Client Connection Screen Appendix SpecificationsBasic Setup Connection Setup Example Windows XPTroubleshooting Log Server Sun / Linux FCC Part 68 Notice United States Only Warranty