Sentry Industries PT22 ユーザーズマニュアル
LDAP
The Sentry family of products supports Lightweight Directory Access Protocol (LDAP) Version 3. This
support enables authentication with LDAP servers; user accounts do not need to be individually created
locally on each Sentry device.
support enables authentication with LDAP servers; user accounts do not need to be individually created
locally on each Sentry device.
This allows administrators to pre-define and configure (in each Sentry product, and in the LDAP
server) a set of necessary LDAP Groups, and access rights for each. User’s access rights can then be
assigned or revoked simply by making the user a member of one-or-more pre-defined Sentry LDAP
Groups. User accounts can be added, deleted, or changed in the LDAP server without any changes
needed on individual Sentry products.
server) a set of necessary LDAP Groups, and access rights for each. User’s access rights can then be
assigned or revoked simply by making the user a member of one-or-more pre-defined Sentry LDAP
Groups. User accounts can be added, deleted, or changed in the LDAP server without any changes
needed on individual Sentry products.
Sentry 5.3b LDAP support has been tested in the following environments:
• Microsoft Active Directory (MSAD)
• Novell eDirectory (eDir)
• OpenLDAP
LDAP Command Summary
Command Description
Set Authorder
Specifies the authentication order for each new session attempt
Set LDAP
Enables/disables LDAP support
Set LDAP HostIP
Sets the IP address of the Directory Services server
Set LDAP Port
Sets the LDAP server port number
Set LDAP Bind
Specifies the LDAP bind request password type
Set LDAP BindDN
Specifies the user account Fully-Qualified Distinquished Name (FQDN) for binds
Set LDAP BindPW
Specifies the user account password for binds
Set LDAP GroupAttr
Specifies the user class distinguished name (DN) or names of groups a user is a
member of
member of
Set LDAP GroupType
Specifies the data type for the Set LDAP GroupAttr command
Set LDAP UserBaseDN
Sets the base distinguished name (DN) for the username search at login
Set LDAP UserFilter
Sets the filter used for the username search at login
Show LDAP
Displays LDAP configurations
Set DNS
Sets the IP address of the Domain Name server
Ping
Verifies proper DNS configuration by name resolution
Show Network
Displays network configuration information
Create LDAPGroup
Adds an LDAP group name
Remove LDAPGroup
Deletes an LDAP group name
Add GrouptoLDAP
Grants an LDAP group access to one or more groups
Add OutlettoLDAP
Grants an LDAP group access to one or all outlets
Add PorttoLDAP
Grants an LDAP group access to one or serial ports
Delete GroupfromLDAP
Removes access to one or more groups for an LDAP group
Delete OutlettoLDAP
Removes access to one or more outlets for an LDAP group
Delete PortfromLDAP
Removes access to one or more serial ports for an LDAP group
Set LDAPGroup Access
Sets the access level for an LDAP group
Set LDAPGroup Envmon
Grants or removes privileges to view input and environmental monitoring status
List LDAPGroup
Displays all accessible outlet/groups/ports for an LDAP group
List LDAPGroups
Displays privilege levels for all LDAP groups
54
• Advanced Operations
Sentry PT22
Installation and Operations Manual