Chapter 6: Authentication Services

91

 

 

Click Do Not Use SSL to have authentication performed using unencrypted clear text instead of SSL encryption. This method is the least secure and automatically sets the Port Number field to a default port number of 389.

Click Use SSL in Trust All Mode to use SSL encryption for data transmission. All server certificates will be trusted and automatically accepted by the DSView 3 software for transmitting data. This SSL method provides medium security and automatically sets the Port Number field to a default port number of 636.

This encryption mode is not recommended for wide area networks (WANs).

Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data transmission. The DSView 3 software will approve the server and then the certificate before transmitting data. This SSL method provides maximum security and automatically sets the Port Number field to a default port number of 636.

9.Click Save to save your changes.

If you selected Use SSL in Certificate-based Trust Mode, the Certificates heading will appear in the side navigation bar. Go to step 8.

If you selected Do Not Use SSL or Use SSL in Trust All Mode, go to step 15.

10.Click Certificates. The Authentication Service Certificate Management - LDAP window will open and list all servers that belong to the domain. A status of Trusted indicates the certificate is trusted, based on the certificate policy (see System certificate policy and trust store on page 47); Untrusted indicates the certificate cannot be trusted.

11.To register certificates, click the checkbox to the left of the server IP address(es). To select all server IP addresses on the page, click the checkbox to the left of the IP Address heading.

12.Click Register to register the certificates. The Accept SSL Certificate window will appear.

13.Click Save to store the certificate values to the DSView 3 software database on the host.

The Certificate Management window will open if only one certificate was selected. If more than one certificate was selected, each will appear in order in subsequent Accept SSL Certificate windows.

14.To unregister one or more certificates, check the checkbox to the left of the server IP address(es). To select all server IP addresses on the page, click the checkbox to the left of the IP Address heading.

15.Click Unregister to unregister the certificates.

16.A confirmation message box will appear. Confirm or cancel the operation.

17.Click Close. The User Authentication Services window will open.

To change user schema settings for the LDAP external authentication service:

1.Click the Users tab.

2.Click Authentication Services in the top navigation bar. The User Authentication Services window will open.

Page 111
Image 111
Avocent SPC420 manual Authentication Services