Configuration
To use the LDAP feature, you must first define User Names, associated Passwords
and group membership on your LDAP server. Then access the RSM command mode to
enable and configure the LDAP settings, and define port access rights and
command access rights for each group that you have specified at the LDAP
server.
To access the LDAP Parameters menu, access the command mode using a port and
password that permit access to Supervisor Level commands and then proceed as
follows:
Text Interface: Type /N and press [Enter] to display the Network Parameters
Menu (Figure 5.9). At the Network Parameters Menu, type 27 and press [Enter] to
display the LDAP Parameters menu (Figure 5.22).
Web Browser Interface: At the Home Screen, click on the Network Configuration
link to display the Network Configure menu (Figure 5.10), and then click on the
LDAP Parameters link to display the LDAP Parameters menu (Figure 5.23).
Notes:
Port access rights are not defined at the LDAP server. They are defined via
the LDAP Group configuration menu on each RSM unit and are specific to
that RSM unit alone.
When LDAP is enabled and properly configured, LDAP authentication will
supersede any passwords and access rights that have been defined via the
RSM user directory.
If no LDAP groups are defined on a given RSM unit, then access rights will
be determined as specified by the "default" LDAP group.
The "default" LDAP group cannot be deleted.
The LDAP Parameters Menu (Figure 5.22 or Figure 5.23) allows you to define the
following parameters:
Enable: Enables/disables LDAP authentication. (Default = Off.)
LDAP Port: Defines the port that will be used to communicate with the LDAP
server. (Default = 389.)
Primary Host: Defines the IP address or domain name (up to 64 characters) for
the primary LDAP server. (Default = undefined.)
Secondary Host: Defines the IP address or domain name (up to 64 characters) for
the secondary (fallback) LDAP server. (Default = undefined.)
Bind Type: Sets the LDAP bind request password type. Note that in the Text
Interface, when the Bind Type is set to "Kerberos", the LDAP menu will include an
additional prompt (item 14) that is used to select Kerberos parameters as described
in Section 5.8.7.5. In the Web Interface, the link to the Kerberos parameters menu
is located at the bottom of the LDAP Parameters Menu. (Default = Simple.)
Search Bind DN: Selects the user name that is allowed to search the LDAP
directory. (Default = undefined.)
Search Bind Password: Sets the Password for the user who is allowed to search
the LDAP directory. (Default = undefined.)
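The following is an added example, not part of the RSM documentation or firmware: a short Python check that reviews a planned set of LDAP Parameters values against the limits and defaults listed above before they are entered on the unit. The dictionary keys and the review_ldap_params() helper are hypothetical names, and the sample values are constructed.

```python
# Added example: review planned RSM LDAP Parameters values before entering them.
# Keys mirror the menu items above; the dict layout and review_ldap_params()
# are hypothetical and are not an RSM API.
DEFAULTS = {"enable": False, "port": 389, "primary_host": "",
            "secondary_host": "", "bind_type": "Simple",
            "search_bind_dn": "", "search_bind_password": ""}
MAX_HOST_LEN = 64  # "up to 64 characters" in the host descriptions


def review_ldap_params(planned):
    """Return (severity, message) findings for a planned parameter set."""
    cfg = {**DEFAULTS, **planned}
    if not cfg["enable"]:
        return [("info", "LDAP is off; the RSM user directory still applies")]
    out = []
    for key in ("primary_host", "secondary_host"):
        if len(cfg[key]) > MAX_HOST_LEN:
            out.append(("error", f"{key} is longer than {MAX_HOST_LEN} characters"))
    if not cfg["primary_host"]:
        out.append(("error", "LDAP enabled but Primary Host is undefined"))
    if not cfg["secondary_host"]:
        out.append(("warn", "no Secondary Host, so no fallback server"))
    elif cfg["secondary_host"].lower() == cfg["primary_host"].lower():
        out.append(("warn", "Secondary Host repeats Primary Host, so no fallback"))
    if not 1 <= cfg["port"] <= 65535:
        out.append(("error", f"LDAP Port {cfg['port']} is not a valid TCP port"))
    if bool(cfg["search_bind_dn"]) != bool(cfg["search_bind_password"]):
        out.append(("error", "set Search Bind DN and Search Bind Password together"))
    if cfg["bind_type"].lower() == "simple":
        # General LDAP behaviour (RFC 4513), not an RSM-specific statement: a
        # simple bind sends the DN and password as-is unless the link is protected.
        out.append(("warn", "Simple bind exposes passwords on an unprotected link"))
    return out


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    sample = {"enable": True, "primary_host": "ldap1.example.test",
              "secondary_host": "ldap1.example.test",
              "search_bind_dn": "cn=rsm-search,dc=example,dc=test"}
    for severity, message in review_ldap_params(sample):
        print(f"{severity:5} {message}")
```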