DISABLING PASSWORD EXPIRATION

You must disable password expiration before enabling LDAP to prevent user management conflicts between the system manager and the LDAP server.

1.Log on to the WS5200 application as an administrator.

2.Click the System Configuration tab if it is not already selected.

3.Scroll down to Password Settings, and click Off.

4.Click Apply.

You can now configure LDAP authentication.

CONFIGURING LDAP AUTHENTICATION

1.Navigate to the LDAP page.

2.Select Enable LDAP

3.Type the hostname or IP address of the LDAP server in the Server name field.

4.Edit the Server port field if the LDAP server is not on the default port (389).

5.Configure Search Settings for your LDAP server.

6.Click Save.

CONFIGURING SEARCH SETTINGS FOR SIMPLE LDAP AUTHENTICATION

Configuring search settings for simple LDAP authentication only requires the Base DN and the Search Attributes fields. Leave other fields blank. When inputting multiple entries in a field, separate entries with commas.

1.Type a distinguished name (DN) that will be combined with a user attribute key and value pair in the Base DN field.

2.Type an attribute key name that is combined with the User Name attribute in the Search Attributes field.

CONFIGURING SEARCH SETTINGS FOR TWO STAGE LDAP AUTHENTICATION

Configuring search settings for two-stage LDAP authentication requires all fields. When typing multiple entries in a field, separate entries with commas.

1.Type the distinguished name (DN) that acts as the basis for user searches by User Name in the Base DN field.

2.Type a fully qualified DN associated with a service account that will bind with the LDAP server and perform user searches in the Service DN field.

3.Type the password that allows the service DN to bind with the LDAP server in the Service DN Password field.

4.Type the two attribute keys that are combined with the User Name attribute; separate the two keys with a comma.

The first key identifies the attribute containing the user name.

The second key identifies the fully qualified DN used for the second bind and credential validation.

TESTING LDAP SEARCH SETTINGS

1.Navigate to the LDAP page.

2.Click Test.

3.Input the User Name and Password for a valid user in the LDAP database.

4.Click Test Connection.

If the connection passes, your LDAP configuration is valid. If the connection fails, verify your LDAP Server Settings and Search Settings and try again.

C5619M (8/12)

21

Page 21
Image 21
Pelco SM5200 manual Disabling Password Expiration, Configuring Ldap Authentication, Testing Ldap Search Settings