Avocent DSR1010 User Manual
54
DSR Switch Installer/User Guide
Configuring LDAP
LDAP is a vendor-independent protocol standard used for accessing, querying and updating a
directory using TCP/IP. Based on the X.500 Directory Services model, LDAP is a global directory
structure that supports strong security features including authentication, privacy and integrity.
directory using TCP/IP. Based on the X.500 Directory Services model, LDAP is a global directory
structure that supports strong security features including authentication, privacy and integrity.
If individual user accounts are stored on an LDAP-enabled directory service, such as Active
Directory, you can use the directory service to authenticate users. The default values given for the
LDAP search and query parameters are defined for use with Active Directory.
Directory, you can use the directory service to authenticate users. The default values given for the
LDAP search and query parameters are defined for use with Active Directory.
The settings made in the on-board web interface let you configure your authentication
configuration parameters. The software sends the username, password and other information to the
appliance, which then determines whether the user has permission to view or change configuration
parameters for the appliance in the on-board web interface.
configuration parameters. The software sends the username, password and other information to the
appliance, which then determines whether the user has permission to view or change configuration
parameters for the appliance in the on-board web interface.
NOTE:
Unless otherwise specified, the LDAP default values should be used unless Active Directory has been
reconfigured. Modifying the default values may cause LDAP authentication server communication errors.
LDAP Overview parameters
On the LDAP Overview page in the on-board web interface, you can configure the LDAP
authentication priority and the parameters that define LDAP server connection information.
authentication priority and the parameters that define LDAP server connection information.
LDAP authentication priority
In the LDAP Priority section of the on-board web interface, you can disable LDAP, or you can set
the authentication priority by choosing whether local authentication or LDAP authentication should
happen first.
the authentication priority by choosing whether local authentication or LDAP authentication should
happen first.
To configure LDAP authentication priority parameters:
1.
Select Appliance - Appliance Settings - User Accounts - LDAP Accounts - Overview.
2.
Select either LDAP Disabled, LDAP before Local or LDAP after Local for the LDAP Priority.
3.
Click Save.
LDAP servers
The Address fields specify the host names or IP addresses of the primary and secondary LDAP
servers. The secondary LDAP server is optional.
servers. The secondary LDAP server is optional.
The Port fields specify the User Datagram Protocol (UDP) port numbers that communicate with the
LDAP servers. The default value is 389 for non-secure LDAP and 636 for secure LDAP (LDAPS).
The default Port ID is automatically entered by the software when an access type is specified.
LDAP servers. The default value is 389 for non-secure LDAP and 636 for secure LDAP (LDAPS).
The default Port ID is automatically entered by the software when an access type is specified.
The Access Type radio buttons specify how a query is sent to each LDAP target device. When
using LDAP, all usernames, passwords and other information sent between an appliance and LDAP
server are sent as non-secure clear text. Use LDAPS for secure encrypted communication between
an appliance and LDAP server.
using LDAP, all usernames, passwords and other information sent between an appliance and LDAP
server are sent as non-secure clear text. Use LDAPS for secure encrypted communication between
an appliance and LDAP server.