Tripp Lite B051-000 LDAP Authentication Settings, LDAP Conguration

LDAP Authentication SettingsLDAP Conﬁguration

AP Operation

To allow authentication and authorization for the B051-000 via LDAPS, do the following:

1. Check Enable in the LDAP Authenticatio n Settings section of the ANMS screen.

2. Select either the LDAP or LDAPS radio button.

3. Check the Enable Authorization check box.

4.FillintheIPaddressandportnumberfortheLDAPorLDAPSser ver.ForLDAP,thedefaultportnumberis389;forLDAPS,thedefaultport

number is 636.

5. In the Timeout ﬁeld: Set the time in seconds that t he B051-000 waits for an LDAP or LDAPS server reply before it times out.

6. In the LDAP Administrator DN ﬁeld, set the ‘root’ point for the L DAP manager to bind to the server.

7. In the Search DN ﬁeld, set the distinguished name of the sea rch base (i.e. the domain name where the search start s for the user name).

8. In the B051-000 Admin Group ﬁeld, key in the nam e of the LDAP manager. (This ﬁeld is optional.)

9. In the LDAP Administrator Password ﬁeld, key in the LDAP man ager’s password. (This ﬁeld is optional.)

10. On the LDAP server, set the access rights for each user. (See LDAP Conﬁguration below for details on set ting up LDAP for use with the

B051-000.)

Active Directory

To allow authentication and authorization for the B051-000 via LDAP

or LDAPS, the Active Directory’s LDAP Schema must be extended

so that an extended attribute name for the B051-000 – permiss ion – is

added as an optional attribute to the person class.

• Authenticationrefers to determin ing the authenticity of the person

logging in.

• Authorizationrefers to assigning permission to use t he device’s

various features.

In order to conﬁgure the LDAP server, you will have to complete the

followingprocedures:1)InstalltheWindows2003SupportTools;

2)InstalltheActiveDirectorySchemaSnap-in;and3)Ext endand

Update the Active Directory Schema.

Install the Windows 2003 Suppor t Tools

1. On the CD that came with the B051-000, open the Support → Too ls

folder.

2. In the right panel of the dialog box that comes up, double click

SupTools.msi.

3. Follow along with the Installation Wizard to complete the

procedure.

Install the Active Directory Schem a Snap-in

1. Open a Command prompt.

2. Key in regsvr32 schmmgmt.dll to register schmmgmt.dll

on your computer.

3. Open the Start menu. Click Run and key in mm c /a. Click OK.

4. On the File menu of the screen that appears, click Add/Remove

Snap-in, then click Add.

5. Under Available Standalone Snap-ins, double click Active

Directory Schema, click Close and click OK.

6. On the screen you are in, open the File menu and click Save.

7. For Save in, specify the C:\Windows \system32 di rect ory.

8. For File name, key in schmmgmt.msc.

9. Click Save to complete the procedure.

Extend and Update the Active Directo ry Schema

Step 1 - Create a New Attribute:

a) Open Control Panel → Administrative Tools → Active

Directory Schema.

b) In the left panel of the screen that comes up, right-click Attributes:

c) Select New → Attribute.

d) In the warning message that appears, click Continue to bring up

the Create New Attribute dialog box.

e) Fill in the dialog box, then click OK to complete Step 1 of the

procedure.