Administration
RADIUS Settings
To allow authorization for the
1.Check Enable in the RADIUS section of the ANMS screen.
2.Fill in the IP addresses and port numbers for the Primary and Alternate RADIUS servers.
3.In the Timeout field, set the time in seconds that the
4.In the Retries field, set the number of allowed RADIUS retries.
5.In the Shared Secret field, key in the character string that you want to use for authentication between the
6.On the RADIUS server, set the access rights for each user according to the information in the table below:
Character | Meaning |
|
|
C | Grants the user administrator privileges, allowing the user to configure the system. |
|
|
W | Allows the user to access the system via the Windows Client program. |
|
|
J | Allows the user to access the system via the Java applet. |
|
|
L | Allows the user to access log information via the user’s browser. |
|
|
V | Limits the user’s access to only viewing the video display. |
|
|
S | Allows the user to use the Virtual Media function. |
|
|
RADIUS Server access rights examples are given in the table, below:
String | Meaning | |
C, W | User has administrator privileges; user can access the system via the Windows Client. | |
W, J, L | User can access the system via the Windows Client; user can access the system via the Java Applet; user can access log | |
information via the user’s browser. | ||
| ||
|
|
Note: Characters are not case sensitive. Characters are comma delimited.
LDAP Authentication Settings
To allow authentication and authorization for the
Item | Description | |
|
| |
Enable | Put a check in the Enable checkbox to allow LDAP / LDAPS authentication and authorization. | |
|
| |
LDAP / LDAPS | Click to specify whether to use LDAP or LDAPS. | |
|
| |
| Click on Enable Authorization if you want it enabled. | |
| 1. If enabled, the LDAP / LDAPS server directly returns a ‘permission’ attribute and authorization for the user that is | |
| logging in. With this selection the LDAP schema must be extended. (See LDAP Server Configuration, page xx, for | |
Enable Authorization | details.) | |
2. If not enabled, the server returns a result that depends on whether the user that is logging in belongs to the | ||
| ||
| Admin Group. If the result is ‘yes’ the user has full access rights (See Administrator Access Rights, page 22); if the result | |
| is ‘no’, the user has limited access rights. (See User Access Rights, page 22.) | |
| Note: Consult the LDAP / LDAPS administrator to ascertain whether to enable the Enable Authorization function, or not. | |
|
| |
LDAP Server IP and | Fill in the IP address and port number for the LDAP or LDAPS server. For LDAP, the default port number is 389; for | |
Port | LDAPS, the default port number is 636. | |
|
| |
Timeout | Set the time in seconds that the | |
|
| |
LDAP Administrator | Consult the LDAP / LDAPS administrator to ascertain the appropriate entry for this field. For example, the entry might | |
DN | look like this: | |
LDAP Administrator | Key in the LDAP administrator’s password. | |
Password | ||
| ||
| Set the distinguished name of the search base. This is the domain name where the search starts for user names. | |
Search DN | Note: If Enable Authorization is not checked, this field must include the entry where the | |
| created. Consult the LDAP / LDAPS administrator to ascertain the appropriate value. | |
|
| |
| Key in the Group Name for | |
Note: If Enable Authorization is not checked, this field is used to authorize users that are logging in. If a user is in this | ||
Group | group, the user receives full access rights. If a user is not in this group, the user only receives limited access rights. | |
| Consult the LDAP / LDAPS administrator to ascertain the appropriate value. | |
|
|
19
