Western Telematic RSM-32DC, RSM-8, RSM-16DC manual Configuration

Page 58

Configuration

In order to apply the LDAP feature, you must first define User Names and associated Passwords and group membership via your LDAP server, and then access the RSM command mode to enable and configure the LDAP settings and define port access rights and command access rights for each group that you have specified at the LDAP server.

To access the LDAP Parameters menu, access the command mode using a port and password that permit access to Supervisor Level commands and then proceed as follows:

Text Interface: Type /N and press [Enter] to display the Network Parameters Menu (Figure 5.9.) At the Network Parameters Menu, type 27 and press [Enter] to display the LDAP parameters menu (Figure 5.22.)

Web Browser Interface: At the Home Screen, click on the Network Configuration link to display the Network Configure menu (Figure 5.10,) and then click on the LDAP Parameters link to display the LDAP Parameters menu (Figure 5.23.)

Notes:

Port access rights are not defined at the LDAP server. They are defined via the LDAP Group configuration menu on each RSM unit and are specific to that RSM unit alone.

When LDAP is enabled and properly configured, LDAP authentication will supersede any passwords and access rights that have been defined via the RSM user directory.

If no LDAP groups are defined on a given RSM unit, then access rights will be determined as specified by the "default" LDAP group.

The "default" LDAP group cannot be deleted.

The LDAP Parameters Menu (Figure 5.22 or Figure 5.23) allows you to define the following parameters:

Enable: Enables/disables LDAP authentication. (Default = Off.)

LDAP Port: Defines the port that will be used to communicate with the LDAP server. (Default = 389.)

Primary Host: Defines the IP address or domain name (up to 64 characters) for the primary LDAP server. (Default = undefined.)

Secondary Host: Defines the IP address or domain name (up to 64 characters) for the secondary (fallback) LDAP server. (Default = undefined.)

Bind Type: Sets the LDAP bind request password type. Note that in the Text Interface, when the Bind Type is set to "Kerberos" LDAP menu will include an additional prompt (item 14) that is used to select Kerberos parameters as described in Section 5.8.7.5. In the Web Interface, the link to the kerberos parameters menu is located at the bottom of the LDAP Parameters Menu. (Default = Simple.)

Search Bind DN: Selects the user name who is allowed to search the LDAP directory. (Default = undefined.)

Search Bind Password: Sets the Password for the user who is allowed to search the LDAP directory. (Default = undefined.)

5-39

Image 58
Contents RSM Series Shock Hazard Do Not Enter Lithium Battery Secure RackingDisconnect Power Agency Approvals Table of Contents Configuration Table of Contents List of Figures Intelligent Port Selection Security and Collocation FeaturesIntroduction Capture BufferTypographic Conventions Configuration BackupRSM-8, RSM-16, RSM-16DC, RSM-32 and RSM-32DC Units Bold FontUnit Description Front PanelBack Panel Instrument Back Panel Model RSM-8 Power On/Off Switch Getting Started Quick Hardware InstallationApply Power to the RSM Connect your Control Device to the RSMCommunicating with the RSM Port Status Screen Text Interface RSM-8 Shown Getting Started Connecting Power to the RSM Unit Hardware InstallationDC Powered Units Connecting the Network Cable Connecting Devices to the RSMCommunicating with the RSM Unit ConfigurationText Interface Configuration Web Browser Interface Home Screen Web Browser InterfaceSystem SetUp Ports Configuration MenusDefining System Parameters System ParametersConfiguration Real Time Clock and Calendar Invalid Access Lockout Feature Audit Log Callback Security Configuration Port Access Supervisor AccessUser Accounts Managing User Accounts Viewing User AccountsAdding User Accounts Add User Menu Text Interface RSM-8 ShownConfiguration Modifying User Accounts Deleting User AccountsRS232 Port Configuration 1. RS232 Port ModesPort Configuration Menu Text Interface 2. RS232 Port Configuration Menus Communication SettingsGeneral Parameters Port Mode Parameters AT&C1&D2S0=1&B1&H1&R2Network Services Configuring the Internal Modem Network Configuration Servers and ClientsConfiguration Network Parameters 11 Network Parameters Menu Web Browser InterfaceNetwork Port Parameters 12 Network Port Parameters Menu Web Browser InterfaceConfiguration IP Security IP SecurityConfiguration Configuration Except Net/Mask PairsConfiguration Static Route 15 Static Route Menu Text InterfaceDomain Name Server 17 Nomain Name Server Menu Text Interface19 Snmp Access Menu Text Interface Snmp ParametersConfiguration Ldap Parameters LdapConfiguration Group Membership Value Type Default = DN Ldap Group25 Add Ldap Group Menu Text Interface RSM-8 Shown 27 View Ldap Group Menu Text Interface RSM-8 Shown 29 Modify Ldap Group Menu Text Interface RSM-8 Shown 31 Delete Ldap Group Menu Web Browser Interface 32 Ldap Kerberos Set Up Menu Text Interface Configuration Tacacs Parameters 34 The Tacacs Parameters Menu Text InterfaceConfiguration Radius Parameters 36 The Radius Parameters Menu Text InterfaceConfiguration 38 The Copy Port Parameters Menu Save User Selected Parameters CP 3,5,7-9 EnterStatus Screens Port Status Screen /S Status ScreensPort Diagnostics Screen /SD Port Diagnostics Screen RSM-8 ShownNetwork Status Screen /SN Porttcp Portstatus UsernamePort Parameters Screens /W Port Parameters Screen RS232 Port ShownXx Enter Operation Any-to-Any ModePort Connection and Disconnection Operation Operation 4 Enter EnterDefining Hunt Groups Hunt Group ExamplePassive Mode Buffer Mode Reading Data from Buffer Mode PortsPort Buffers Modem Mode Network Port Numbers Telnet & SSH FunctionsSSH Encryption Configuration Direct Connect FeatureStandard Telnet Protocol, SSH and Raw Socket Telnet & SSH Functions RSM-16 & RSM-16DC Standard Telnet Direct Connection without Password RSM-8SSH Direct Connection with Password RSM-8 RSM-32 & RSM-32DCRaw Socket Direct Connection without Password RSM-8 Raw Socket Direct Connection with Password RSM-8Connection Example Terminating a Direct Connect Session Syslog Feature ConfigurationCriteria for Generating a Syslog Message Testing Syslog Configuration Test Menu Text Interface, Supervisor Mode OnlySnmp Traps 10-1Snmp Trap Message How and When Snmp Traps are SentSnmp Contact Optional Snmp Location Optional Testing the Snmp Trap Function Saving and Restoring Configuration Parameters Sending Parameters to a FileRestoring Saved Parameters Upgrading RSM Firmware 12-112-2 Command Reference Guide Command ConventionsCommand Summary Resident Disconnect Sequence Command SetAudit Log CP Copy RS232 Port Parameters ConnectFormat /C x x Enter Format /CP Enter2 Enter or /D/Y 3 Enter Third Party DisconnectFormat /D/Y x x Enter Erase BufferHelp Reboot System DefaultSet System Parameters Display Site IDSet Network Port Parameters Send SSH KeySet RS232 Port Parameters Read Buffer PW Change PasswordSD Display Port Diagnostics Display Port StatusTest Test Network Parameters UF Upgrade FirmwareUL Unlock Port Invalid Access Lockout Save ParametersFormat /W x Enter Exit Command ModeDisplay Port Parameters Who Format /X EnterWhen not connected When connectedAppendix A. RS232 Port Interface Physical / Environmental Power Appendix B. SpecificationsRS232 Port Interface Connectors Models RSM-32 and RSM-32DCAppendix C. Customer Service Trademark and Copyright Information Trademarks Used in this ManualIndex Tacacs DhcpIndex-2 Index-3 Index-4