9. LDAP Server Configuration
Extend and Update the Active Directory Schema
To extend and update the Active Directory Schema, you must do the following 3 procedures: 1) create a new attribute; 2) extend the object class with the new attribute; and 3) edit the Active Directory users with the extended schema.
The CN8000 supports two types of Active Directory users: The first supports both authentication and authorization parameter settings on the LDAP server; the second supports shadow user access rights – where authentication takes place on the LDAP server, but authorization is via the CN8000’s user database.
Editing Active Directory users with the Type 1 schema is described on
page 142; editing Active Directory users with the Type 2 schema is described on page 148.
Creating a New Attribute
To create a new attribute do the following:
1.Start → Administrative Tools → Active Directory Schema.
2.In the left panel of the screen that comes up,
3.Select New → Attribute.
4.In the warning message that appears, click Continue to bring up the Create New Attribute dialog box.
5.Fill in the dialog box to match the entries shown below, then click OK to complete step 1 of the procedure.
139