the physical switch and one Association Object. The Association Object is used to link together the users or groups with a specific set of privileges to one or more SIPs. This model provides an Administrator maximum flexibility over the different combinations of users, RCS privileges, and SIPs on the Remote Console Switch without adding too much complexity.

The RCS Device Object is the link to the Remote Console Switch for querying Active Directory for authentication and authorization. When a Remote Console Switch is added to the network, the Administrator must configure the Remote Console Switch and its device object with its Active Directory name so that users can perform authentication and authorization with Active Directory. The Administrator will also need to add the Remote Console Switch to at least one Association Object in order for users to authenticate.

You can create as many Association Objects as you want, and each Association Object can be linked to as many users, groups of users, or RCS Device Objects as desired. The users and RCS Device Objects can be members of any domain in the enterprise.

However, each Association Object can be linked to only one Privilege Object; that is, it can link users, groups of users, or RCS Device Objects to only one Privilege Object. A Privilege Object allows an Administrator to control which users have what kind of privileges on specific SIPs.

Figure 9-6 illustrates that the Association Object provides the connection needed for all authentication and authorization.
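The following audit sketch is an added example, not code from the manual or from Dell. It models the three object types with constructed, hypothetical names, checks the two rules stated above (exactly one Privilege Object per Association Object, and at least one Association Object per RCS Device Object), and lists which users reach a given switch. It assumes one level of group membership and simply lists every Privilege Object a user reaches, because the text does not say how multiple associations combine.

```python
from dataclasses import dataclass

@dataclass
class Association:
    name: str
    members: set             # user or group names linked to this object
    devices: set             # RCS Device Object names linked to this object
    privilege_objects: list  # linked Privilege Objects; the model allows exactly one

# Constructed sample directory contents (all names are hypothetical).
GROUPS = {"kvm-admins": {"alice", "bob"}}
DEVICES = {"rcs-dc1", "rcs-lab", "rcs-new"}
ASSOCIATIONS = [
    Association("assoc-dc1", {"kvm-admins"}, {"rcs-dc1"}, ["priv-admin"]),
    Association("assoc-lab", {"carol"}, {"rcs-dc1", "rcs-lab"}, ["priv-user"]),
    Association("assoc-bad", {"dave"}, {"rcs-lab"}, ["priv-user", "priv-admin"]),
]

def expand(members, groups):
    """Resolve group names to their users (one level, an assumption)."""
    users = set()
    for member in members:
        users |= groups.get(member, {member})
    return users

def audit(associations, devices):
    """Return (object name, finding) pairs for violations of the model."""
    findings = []
    for assoc in associations:
        if len(assoc.privilege_objects) != 1:
            findings.append((assoc.name, "privilege-count"))
    linked = set().union(*(a.devices for a in associations))
    for device in sorted(devices - linked):
        # A switch in no Association Object cannot authenticate any user.
        findings.append((device, "no-association"))
    return findings

def access_map(associations, groups, device):
    """Map each user to the Privilege Objects reachable on one switch.
    Malformed associations are left to audit() and excluded here."""
    result = {}
    for assoc in associations:
        if device in assoc.devices and len(assoc.privilege_objects) == 1:
            for user in expand(assoc.members, groups):
                result.setdefault(user, set()).add(assoc.privilege_objects[0])
    return result

if __name__ == "__main__":
    print(audit(ASSOCIATIONS, DEVICES))
    print(access_map(ASSOCIATIONS, GROUPS, "rcs-dc1"))
```
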

LDAP Feature for the Remote Console Switch

Dell 2321DS manual 198