Chapter 3: Web Interface Operations

19

 

 

To configure LDAP search parameters:

1.Select Appliance - Appliance Settings - User Accounts - LDAP Accounts - Search.

2.Enter the appropriate information in the Search DN, Search Password, Search Base and UID Mask fields.

3.Click Save.

NOTE: These options cannot be changed if the LDAP Priority is set to LDAP Disabled on the Overview screen.

LDAP Query parameters

On the LDAP Query page, you can configure the parameters used when performing user authentication queries.

The appliance performs two different types of queries. Query Mode (Appliance) is used to authenticate administrators attempting to access the appliance itself. Query Mode (Target Device) is used to authenticate users that are attempting to access attached target devices. Additionally, each type of query has three modes that utilize certain types of information to determine whether or not a VCS user has access to an appliance or connected target devices. See Appliance and Target Device Query Modes on page 21 for detailed information on each mode.

You can configure the following settings on the LDAP Query page:

The Query Mode (Appliance) parameters determine whether or not a user has access to the appliance.

The Query Mode (Target Device) parameters determine whether or not a user has user access to target devices connected to an appliance. The user does not have access to the appliance.

The Group Container, Group Container Mask and Target Mask fields are only used for group query modes and are required when performing an appliance or device query.

The Group Container field specifies the organizational unit (ou) created in Active Directory by the administrator as the location for group objects. Group objects are Active Directory objects that can contain users, computers, contacts and other groups. Group Container is used when Query Mode is set to Group Attribute. Each group object, in turn, is assigned members to associate with a particular access level for member objects (people, appliances and target devices). The access level associated with a group is configured by setting the value of an attribute in the group object. For example, if the Notes property in the group object is used to implement the access control attribute, the Access Control Attribute field on the LDAP Query page should be set to info. Setting the Notes property to KVM User Admin causes the members of that group to have user administration access to the appliances and target devices that are also members of that same group.

The Notes property is used to implement the access control attribute. The value of the Notes property, available in group and user objects shown in Active Directory Users and Computers (ADUC), is stored internally in the directory, in the value of the info attribute. ADUC is a Microsoft Management Console snap-in for configuring Active Directory. It is started by

Page 31
Image 31
Avocent IP 1020 manual Ldap Query parameters, To configure Ldap search parameters

IP 1020 specifications

The Avocent IP 1020 is a robust remote management solution designed for data centers requiring high availability and secure access to critical infrastructure. As an integral component of the Avocent product line, the IP 1020 provides users with seamless control over servers and IT equipment from virtually any location, enhancing operational efficiency and reducing downtime.

One of the key features of the Avocent IP 1020 is its capability for remote access. Users can connect to their systems securely over the internet using standard web browsers. This functionality is crucial for IT administrators who need to perform routine maintenance, troubleshoot issues, or manage systems in real-time without being physically present.

The device supports both KVM (Keyboard, Video, Mouse) over IP and a wide range of operating systems, ensuring compatibility with diverse IT environments. With high-resolution video output, the IP 1020 guarantees clear and responsive visual access, enhancing user experience during management tasks. Additionally, it supports multiple video resolutions, catering to varied user preferences and requirements.

Security is a fundamental aspect of the Avocent IP 1020. It features advanced encryption protocols to protect data transmitted between the device and remote users. This includes support for SSL/TLS, ensuring that all communications remain secure and compliant with data protection regulations. Moreover, the device incorporates user authentication mechanisms and access controls to prevent unauthorized access, making it suitable for sensitive operational contexts.

The IP 1020 also integrates environmental monitoring capabilities. Users can establish alerts and notifications for temperature and humidity fluctuations, which are critical for data center operations. This ensures that IT personnel can take proactive measures to maintain optimal operating conditions.

With its user-friendly interface, the Avocent IP 1020 streamlines management tasks, allowing IT staff to efficiently handle multiple systems from a single console. It supports various connectivity options, including serial connections for legacy devices, ensuring that even older equipment can be effectively managed.

In conclusion, the Avocent IP 1020 is a versatile and secure remote management solution tailored for data centers. Its combination of reliable KVM access, robust security features, environmental monitoring, and ease of use makes it an indispensable tool for IT administrators focused on maintaining the integrity and performance of their IT infrastructure.