Users: Remote Servers (User Remote Authentication)
This screen lets you authenticate users who try to connect to the switch against centralized servers running a RADIUS service or hosting a directory that can be accessed through the LDAP protocol (Active Directory, for example). User Remote Authentication lets you integrate the switch into your global enterprise user management. By default, Remote Authentication is configured as “None”; that is, all remote authentication is disabled and authentication is done locally, using only the database on the switch. After you’ve made all modifications, click “Store Settings,” then “Apply Settings”/“Restart Servers.”
Authentication Server Type
From the
Directory Server Using LDAP
SSL Access: Select to enable SSL access for LDAP authentication. NOTE: Make sure your LDAP server supports SSL, and remember that you need to install a distinct set of certificates (ldapcert.crt and ldapkey.pem) on the switch by uploading them through the Security screen. Normally these certificates are generated by the directory server itself.
Port: Enter the port number used in LDAP authentication. By default, it is set to Port 389.
LDAP Server: Enter the IP address of the directory server.
Second Server (if any): If there is a second LDAP server available for authentication, enter its IP address here.
User Base Search DN: Make an appropriate entry here, which is characteristic of the LDAP server you use for authentication. The default is cn=users, dc=abc, dc=kle, dc=com, but you should enter your own. (If unsure what to enter, contact your LDAP server administrator.)
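A check you can run on an admin workstation before uploading the two files named in the SSL Access note. This is an added example, not part of the original manual or the vendor's tooling; it assumes ldapcert.crt is a PEM X.509 certificate, ldapkey.pem is the PEM private key belonging to it, and the openssl command-line tool is installed. The function names are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check ldapcert.crt / ldapkey.pem before upload.
# Assumption: PEM certificate plus its PEM private key (not stated by the manual).

# Return 0 if the private key belongs to the certificate, 1 if it does not,
# 2 if either file is missing or cannot be parsed.
ldap_pair_matches() {
    cert=$1
    key=$2
    [ -r "$cert" ] && [ -r "$key" ] || {
        echo "cannot read $cert or $key" >&2
        return 2
    }
    # Public key embedded in the certificate (SubjectPublicKeyInfo, PEM).
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || {
        echo "$cert: not a PEM certificate" >&2
        return 2
    }
    # Public key derived from the private key, in the same encoding.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || {
        echo "$key: not a readable PEM private key" >&2
        return 2
    }
    [ "$cert_pub" = "$key_pub" ]
}

# Return 0 if the certificate has not yet passed its notAfter date.
ldap_cert_not_expired() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# Usage: sh check_ldap_pair.sh ldapcert.crt ldapkey.pem
if [ "$#" -eq 2 ]; then
    if ldap_pair_matches "$1" "$2"; then
        echo "OK: key matches certificate"
    else
        echo "FAIL: key does not match certificate (or a file is unreadable)" >&2
        exit 1
    fi
    if ldap_cert_not_expired "$1"; then
        echo "OK: certificate is within its validity period"
    else
        echo "FAIL: certificate has expired" >&2
        exit 1
    fi
fi
```

A mismatched pair or an expired certificate is a common reason an SSL-protected LDAP bind fails after the files are uploaded, so run the check before uploading.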