Manuals
/
Schneider Electric
/
Computer Equipment
/
Switch
Schneider Electric
AP561x manual Group Based Authentication
Models:
AP561x
1
22
26
26
Download
26 pages
30.42 Kb
19
20
21
22
23
24
25
26
<
>
Does not require LDAP Schema to be touched
From the Configure screen, select SNMP and name the switch IPKVM1
Very basic Quick to set up All users have administrator rights
Settings Used in this Lab
Enable LDAP Authentication
Authorization
StartProgramsAdministrative ToolsActive Directory Users and Computers
LDAP Implementation AP561x KVM Switches
Page 22
Image 22
Group Based Authentication
All content in this presentation is protected – © 2008 American Power Conversion Corporation
Page 21
Page 23
Page 22
Image 22
Page 21
Page 23
Contents
LDAP Implementation AP561x KVM Switches
LDAP Implementation
Does not require LDAP Schema to be touched
Uses existing Schema Attribute field to store configuration setting
Allows easy implementation
Attribute
IP KVM authentication levels
Basic
Group
Settings Used in this Lab
LDAP Server
LDAP Lab Layout
Server1 Server2 KVM IPKVM1Server3
OBWI Client
Synchronize Server Module names to AD Computer Object names
Name the Server Modules via the Local Port OSD
APC by Schneider Electric
Active Directory Tasks
StartProgramsAdministrative ToolsActive Directory Users and Computers
2. Select New Organizational Unit
Create User to Browse the Directory
queries instead of using the Admin account
This is a special user account specifically for LDAP
APC by Schneider Electric
1. Right-click IPKVM OU
2. Choose New Group
Create two groups for IP KVM switch administrators and users
APC by Schneider Electric
NOTE In a production environment, groups in the Active Directory IPKVM OU would match the organizations hierarchy, usually by function, geography, or a combination
2. Click Properties
Add the users and
Server Modules to the appropriate groups that associate them
5. Click Object Types 6. Select Computers and Users
Create Computer Object in AD for the IP KVM Switch
Log into the Switch
APC by Schneider Electric
From the Configure screen, select SNMP and name the switch IPKVM1
Name the Switch
APC by Schneider Electric
Click on Authentication under Appliance in the Configuration Menu
Enable LDAP Authentication
APC by Schneider Electric
Check the Use LDAP Authentication box. On the Server Parameters tab, enter the IP address of the Primary Server 192.168.5.100 domain controller
Configure LDAP Search Parameters
Leave Query Parameter at Basic
APC by Schneider Electric
Test the basic LDAP Authentication
Ideal for smaller customers
Very basic Quick to set up All users have administrator rights
Basic Summary
APC by Schneider Electric
Group Based Authentication
Change LDAP Query to Group
Click on Configure
Query Mode IP KVM Switch and Group Attribute for Query Mode Server
Enter the Group Container IPKVM and test again
APC by Schneider Electric
Attributes set to groups rather than individual users Hugely scalable
Group Summary
Highly granular security Port level control
Ideal for Enterprise customers
Conclusion
APC by Schneider Electric