Chapter 8: Configuring LDAP


To configure LDAP authentication priority parameters:

1. Select Configure Appliance Authentication Authentication Settings.

2. Select either Use Local Authentication, Use LDAP Authentication, Use Local First or Use LDAP First.

3. Click Save.

LDAP server parameters

The IP Address fields specify the host names or IP addresses of the primary and secondary LDAP servers. The second LDAP server is optional.

The Port ID fields specify the User Datagram Protocol (UDP) port numbers used to communicate with the LDAP servers. The default is 389 for non-secure LDAP and 636 for secure LDAP. The default Port ID is automatically entered by the software when an access type is specified.

NOTE: The Access Type radio buttons specify how a query is sent to each LDAP target device. You may choose either LDAP or LDAPS. Choose LDAP to send all user names, passwords and other information as non-secure clear text between a KVM switch and LDAP server. Choose LDAPS for secure, encrypted communication using Secure Sockets Layer (SSL).

To configure LDAP server parameters:

1. Select Appliance Authentication Server.

2. Identify the primary and secondary server addresses, port and access type in the appropriate fields or radio buttons.

3. Click Save.

LDAP search parameters

Clicking the Search tab displays the parameters used when searching for LDAP directory service users.

Use the Search DN field to define an administrator-level user that the KVM switch uses to log in to the directory service. Once the KVM switch is authenticated, the directory service grants it access to the directory to perform the user authentication queries specified on the Query tab. The default values are cn=Administrator, cn=Users, dc=yourDomainName and dc=com and may be modified. For example, to define an administrator Distinguished Name (DN) for test.view.com, type cn=Administrator, cn=Users, dc=test, dc=view and dc=com. This is a required field unless the directory service has been configured to enable anonymous search, which is not the default.

Each Search DN value must be separated by a comma. The Search Password field is used to authenticate the administrator or user specified in the Search DN field.

Use the Search Base field to define a starting point from which LDAP searches begin. The default values are dc=yourDomainName, dc=com and may be modified. For example, to define a search base for test.com, type dc=test, dc=com. Each Search Base value must be separated by a comma.
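The server and search parameters described above can be reviewed before they are saved. The following Python script is an added example, not code from the appliance or its vendor. The dictionary layout, the finding codes and the names `parse_dn` and `audit` are assumptions made for illustration, and the sample configuration is constructed.

```python
import re

DEFAULT_PORTS = {"LDAP": 389, "LDAPS": 636}  # defaults given in the manual

def parse_dn(dn):
    """Split a comma-separated DN into (attribute, value) pairs."""
    pairs = []
    for part in re.split(r"(?<!\\),", dn):  # split on commas that are not escaped
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed DN component {part.strip()!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs

def audit(cfg):
    """Return a list of (code, detail) findings for one appliance LDAP config."""
    findings = []
    for srv in cfg["servers"]:
        access = srv["access_type"].upper()
        if access == "LDAP":  # clear-text access type: credentials are not encrypted
            findings.append(("CLEARTEXT", f"{srv['host']}: user names and passwords sent unencrypted"))
        if srv["port"] != DEFAULT_PORTS.get(access):  # review flag, e.g. LDAPS left on 389
            findings.append(("PORT_MISMATCH", f"{srv['host']}: port {srv['port']} is not the {access} default"))
    for field in ("search_dn", "search_base"):
        value = cfg.get(field, "")
        if not value:
            if field == "search_dn":
                findings.append(("ANON_SEARCH", "empty Search DN works only if anonymous search is enabled"))
            continue
        try:
            pairs = parse_dn(value)
        except ValueError as exc:
            findings.append(("BAD_DN", f"{field}: {exc}"))
            continue
        if any(v.lower() == "yourdomainname" for _, v in pairs):
            findings.append(("PLACEHOLDER", f"{field} still contains dc=yourDomainName"))
    return findings

# Constructed sample configuration (not taken from a real appliance).
SAMPLE = {
    "servers": [
        {"host": "ldap1.test.view.com", "port": 389, "access_type": "LDAP"},
        {"host": "ldap2.test.view.com", "port": 389, "access_type": "LDAPS"},
    ],
    "search_dn": "cn=Administrator, cn=Users, dc=test, dc=view, dc=com",
    "search_base": "dc=yourDomainName, dc=com",
}

if __name__ == "__main__":
    for code, detail in audit(SAMPLE):
        print(f"{code:14} {detail}")
```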
