ZyXEL Communications 100 Series, 200 Series 39.2 Active Directory or LDAP Default Server Screen

Chapter 39 AAA Server

RADIUS (Remote Authentication Dial-In User Service) authentication is a popular protocol used to authenticate users by means of an external or built-in RADIUS server. RADIUS authentication allows you to validate a large number of users from a central location.

Finding Out More

See Section 6.5.3 on page 149 for an example of how to set up user authentication using a radius server.

39.2 Active Directory or LDAP Default Server Screen

Directory Structure

The directory entries are arranged in a hierarchical order much like a tree structure. Normally, the directory structure reflects the geographical or organizational boundaries. The following figure shows a basic directory structure branching from countries to organizations to organizational units to individuals.

Figure 463 Basic Directory Structure

Common Name (cn)

Distinguished Name (DN)

A DN uniquely identifies an entry in a directory. A DN consists of attribute-value pairs separated by commas. The leftmost attribute is the Relative Distinguished Name (RDN). This provides a unique name for entries that have the same “parent DN” (“cn=domain1.com, ou=Sales, o=MyCompany” in the following examples).

cn=domain1.com, ou = Sales, o=MyCompany, c=US cn=domain1.com, ou = Sales, o=MyCompany, c=JP

Base DN

A base DN specifies a directory. A base DN usually contains information such as the name of an organization, a domain name and/or country. For example, o=MyCompany, c=UK where o means organization and c means country.