APC AP5616 User Manual
Chapter 8: Configuring LDAP 101
To configure LDAP authentication priority parameters:
1.
Select Configure — Appliance — Authentication — Authentication Settings.
2.
Select either Use Local Authentication, Use LDAP Authentication, Use Local First or Use
LDAP First.
LDAP First.
3.
Click Save.
LDAP server parameters
The IP Address fields specify the host names or IP addresses of the primary and secondary LDAP
servers. The second LDAP server is optional.
servers. The second LDAP server is optional.
The Port ID fields specify the User Datagram Protocol (UDP) port numbers used to communicate
with the LDAP servers. The default is 389 for non-secure LDAP and 636 for secure LDAP. The
default Port ID is automatically entered by the software when an access type is specified.
with the LDAP servers. The default is 389 for non-secure LDAP and 636 for secure LDAP. The
default Port ID is automatically entered by the software when an access type is specified.
NOTE: The Access Type radio buttons specify how a query is sent to each LDAP target device. You may choose
either LDAP or LDAPS. Choose LDAP to send all user names, passwords and other information as a non-secure
clear text between a KVM switch and LDAP server. Choose LDAPS for secure, encrypted communication using
a secure sockets layer (SSL).
either LDAP or LDAPS. Choose LDAP to send all user names, passwords and other information as a non-secure
clear text between a KVM switch and LDAP server. Choose LDAPS for secure, encrypted communication using
a secure sockets layer (SSL).
To configure LDAP server parameters:
1.
Select Appliance — Authentication — Server.
2.
Identify the primary and secondary server addresses, port and access type in the appropriate
fields or radio buttons.
fields or radio buttons.
3.
Click Save.
LDAP search parameters
Clicking the Search tab displays the parameters used when searching for LDAP directory service
users.
users.
Use the Search DN field to define an administrator-level user that the KVM switch uses to log into
the directory service. Once the KVM switch is authenticated, the directory service grants it access
to the directory to perform the user authentication queries specified on the Query tab. The default
values are cn=Administrator, cn=Users, dc=yourDomainName and dc=com and may be modified.
For example, to define an administrator Distinguished Name (DN) for test.view.com, type
cn=Administrator, cn=Users, dc=test, dc=view and dc=com. This is a required field unless the
directory service has been configured to enable anonymous search, which is not the default.
the directory service. Once the KVM switch is authenticated, the directory service grants it access
to the directory to perform the user authentication queries specified on the Query tab. The default
values are cn=Administrator, cn=Users, dc=yourDomainName and dc=com and may be modified.
For example, to define an administrator Distinguished Name (DN) for test.view.com, type
cn=Administrator, cn=Users, dc=test, dc=view and dc=com. This is a required field unless the
directory service has been configured to enable anonymous search, which is not the default.
Each Search DN value must be separated by a comma. The Search Password field is used to
authenticate the administrator or user specified in the Search DN field.
authenticate the administrator or user specified in the Search DN field.
Use the Search Base field to define a starting point from which LDAP searches begin. The default
values are dc=yourDomainName, dc=com and may be modified. For example, to define a search
base for test.com, type dc=test, dc=com. Each Search Base value must be separated by a comma.
values are dc=yourDomainName, dc=com and may be modified. For example, to define a search
base for test.com, type dc=test, dc=com. Each Search Base value must be separated by a comma.