Pelco SM5200 manual Ldap Setup, Ldap Settings Tab

Page 20

LDAP Setup

The system manager can connect to and validate user credentials from an Lightweight Directory Access Protocol (LDAP) server allowing for the integration of the Endura network with single sign-on services. The system manager supports LDAP for Microsoft Active Directory.

The system manager supports the two most common methods for LDAP authentication: simple (single bind) and two-stage bind with a service account.

Simple (single-bind) authentication associates a user name and password with a distinguished name (DN) to validate user credentials.

The two-stage bind authentication method uses a service DN and a service DN password to establish the initial bind with the LDAP server. Upon a successful initial bind, a search is performed using the base DN, the first key from the Search Attributes field, and the user name. If the user’s information is found, the second bind is performed using the DN to authenticate user credentials.

NOTES:

The system manager can connect to the LDAP server over the primary network interface or the secondary network interface if the LDAP server resides on the same subnet as the secondary network interface.

You must disable password expiration from the WS5200 application before enabling LDAP.

If LDAP is enabled and you need to change the password for the admin user, you must do so through the Web Configuration Application.

A User Name must exist in both the LDAP directory and Endura users list for successful user validation; in an LDAP validated system, user permissions are still managed from the Endura network. Refer to your WS5200 software manual for more information about configuring users, roles, and permissions.

This guide provides instructions for configuring simple or two-stage bind LDAP authentication schemes; however, the system manager may support additional LDAP authentication schemes.

Click the LDAP tab to access your system manager’s LDAP settings.

Figure 10. LDAP Settings Tab

20

C5619M (8/12)

Image 20
Contents Endura SM5200 System Manager Contents List of Illustrations Navigating the WEB Interface About the Web Configuration ApplicationEndura Application Compatibility Saving Configuration Settings Restoring Factory DefaultsSystem Tools Restarting the SystemLogging On to the SM5200 Changing Your PasswordExpiring Passwords Temperature Status System StatusPower Status Video StorageFAN Status Disk StatusIP Settings Configuring the Primary Network InterfaceConfiguring the Secondary Network Interface Configuring the Failover Cluster IP Address System Manager Failover ClusterSystem Settings Date and Time ConfigurationUsing the System Manager AS AN Independent Time Server About Overriding Default DST SettingsOverriding Default DST Settings Synchronizing with AN External Time ServerPelco WEB Viewer Configuration Configuring the Pelco WEB ViewerUser Permissions for Accessing the Pelco WEB Viewer Enabling User Access to the Pelco WEB ViewerWEB Server Port Configuration Changing the Https PortConfiguring Snmp Snmp ConfigurationConfiguring Snmp V2C Dhcp Setup DhcpManaging Leases Configuring Dhcp ScopesSetting MAC Address Reservations Deleting MAC Address Reservations Ldap Setup Ldap Settings TabDisabling Password Expiration Configuring Ldap AuthenticationTesting Ldap Search Settings Configuring Search Settings for Simple Ldap AuthenticationUpdating the SM5200 Product Warranty and Return Information