Avocent DSView 3 - page 101

Chapter 6: Authentication Services 79

This encryption mode is not recommended for wide area networks (WANs).

•Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data

transmission. The DSView 3 software will approve the server and then the certificate

before transmitting data. This SSL method provides maximum security.

10. Click Use an Active Directory Global Catalog to have the AD service access the global catalog

for the specified domain name.

11. Click Use Kerberos for User Authentication to use the Kerberos protocol for authentication

requests, including the browsing. If enabled, you must use DES encryption types for this

account. If an account was created prior to Active Directory, the user’s password must be

changed after this setting is changed. In addition, the Active Directory server addresses must

be resolvable to their host names via DNS.

When this is not checked, the LDAP protocol will beused.

12. Click Save to save your changes.

• If you selected Use SSL in Certificate-based Trust Mode, the Certificates heading will

appear in the side navigation bar. Go to step 13.

• If you selected Do Not Use SSL or Use SSL in Trust All Mode, go to step 16.

13. Click Certificates. The Authentication Service Certificate Management - AD window opens

and list all servers in that domain. A status of Trusted indicates the certificate is trusted, based

on the certificate policy (see System certificate policy and trust store on page 44); Untrusted

indicates the certificate cannot be trusted.

14. To register certificates:

a. To select one or more certificates, click the checkbox to the left of the server IP addresses.

To select all certificates on the page, click the checkbox to the left of the IP

Address heading.

b. Click Register above the IP Address list to register the certificates. The Accept SSL

Certificate window will open.

c. Click Save to store the certificate values to the DSView 3 software database on the host or

click Close if you do not wish to save the certificate values.

The Authentication Service Certificate Management window will open if only one

certificate was selected. If more than one certificate was selected, each will appear in

order in subsequent Accept SSL Certificate windows.

15. To unregister certificates:

a. To select one or more certificates, click the checkbox to the left of the server IP addresses.

To unregister all certificates, click the checkbox to the left of the IP Address heading.

b. Click Unregister to unregister the certificates.

c. A confirmation message box will appear. Confirm or cancel the operation.

16. Click Close. The User Authentication Services window will open.