CN8600 User Manual

The Permission Attribute Value (for RADIUS and LDAP)

The attribute value for permission is made up of two parts: 1) the IP address of the CN8600 a user will access; and 2) a string that indicates the access rights the user has on the CN8600 at that IP address. For example:

192.168.0.80&c,w,j;192.168.0.188&v,l

The makeup of the permission entry is as follows:

ŠAn ampersand (&) connects the CN8600’s IP with the access rights string.

ŠThe access rights string is made up of various combinations of the following characters: c w j p l v s. The characters can be entered in upper or lower case. See Permitted String Characters table below.

ŠThe characters in the access rights string are separated by a comma (,). There are no spaces before or after the comma.

ŠIf a user has access rights to more than one CN8600, each permission segment is separated by a semicolon (;). There are no spaces before or after the semicolon.

ŠUse the following keyword for Radius and LDAP setting: su/[username]

the username must be a real user account that exists in the system.

ŠLDAP should use CN8600-userProfile, or can waive this. The login name must exist in the local account.

Permission String Characters

Character

Meaning

 

 

C

Grants the user administrator privileges, allowing the user to configure

 

the system.

 

 

W

Allows the user to access the system via the Windows Client program.

 

 

J

Allows the user to access the system via the Java applet.

 

 

L

Allows the user to access log information via the user's browser.

 

 

V

Limits the user's access to only viewing the video display.

 

 

M

Allows the user to use the Virtual Media function – Read / Write

 

 

40