Manuals
/
Schneider Electric
/
Computer Equipment
/
Switch
Schneider Electric
manual LDAP Implementation AP561x KVM Switches
Models:
AP561x
1
1
26
26
Download
26 pages
30.42 Kb
1
2
3
4
5
6
7
8
<
>
Click on Configure
Settings Used in this Lab
Enable LDAP Authentication
Authorization
Log into the Switch
Page 1
Image 1
LDAP Implementation AP561x KVM Switches
All content in this presentation is protected – © 2008 American Power Conversion Corporation
Page 2
Page 1
Image 1
Page 2
Contents
LDAP Implementation AP561x KVM Switches
Uses existing Schema Attribute field to store configuration setting
Does not require LDAP Schema to be touched
LDAP Implementation
Allows easy implementation
Basic
IP KVM authentication levels
Attribute
Group
Settings Used in this Lab
Server1 Server2 KVM IPKVM1Server3
LDAP Lab Layout
LDAP Server
OBWI Client
Synchronize Server Module names to AD Computer Object names
APC by Schneider Electric
Name the Server Modules via the Local Port OSD
Active Directory Tasks
StartProgramsAdministrative ToolsActive Directory Users and Computers
2. Select New Organizational Unit
This is a special user account specifically for LDAP
queries instead of using the Admin account
Create User to Browse the Directory
APC by Schneider Electric
Create two groups for IP KVM switch administrators and users
2. Choose New Group
1. Right-click IPKVM OU
APC by Schneider Electric
NOTE In a production environment, groups in the Active Directory IPKVM OU would match the organizations hierarchy, usually by function, geography, or a combination
Server Modules to the appropriate groups that associate them
Add the users and
2. Click Properties
5. Click Object Types 6. Select Computers and Users
Create Computer Object in AD for the IP KVM Switch
APC by Schneider Electric
Log into the Switch
From the Configure screen, select SNMP and name the switch IPKVM1
Name the Switch
APC by Schneider Electric
Click on Authentication under Appliance in the Configuration Menu
Enable LDAP Authentication
APC by Schneider Electric
Check the Use LDAP Authentication box. On the Server Parameters tab, enter the IP address of the Primary Server 192.168.5.100 domain controller
Configure LDAP Search Parameters
APC by Schneider Electric
Leave Query Parameter at Basic
Test the basic LDAP Authentication
Basic Summary
Very basic Quick to set up All users have administrator rights
Ideal for smaller customers
APC by Schneider Electric
Group Based Authentication
Query Mode IP KVM Switch and Group Attribute for Query Mode Server
Click on Configure
Change LDAP Query to Group
Enter the Group Container IPKVM and test again
APC by Schneider Electric
Highly granular security Port level control
Group Summary
Attributes set to groups rather than individual users Hugely scalable
Ideal for Enterprise customers
APC by Schneider Electric
Conclusion