Manualsbrain.com
  1. Manuales
  2. Marcas
  3. Black Box
  4. ServSwitch iPATH
  5. Manual De Usuario

Black Box ServSwitch iPATH Manual De Usuario

Descargar
Página de 46
Chapter 4: Configuration
724-746-5500   |   blackbox.com 
Page 39
4.8.5 Users > Active Directory
To simplify integration alongside existing systems within organizations, ServSwitch iPATH can be synchronized with an LDAP/
Active Directory server. This allows a list of users (and user groups), together with usernames and group memberships to be 
quickly imported and kept up to date.
4.8.5.1 Initial Configuration
The basic Active Directory (AD) server details are defined in the Dashboard > Settings page. Once configured, the Users > Active 
Directory page (called “Import Users from Active Directory”) will allow you to scan the AD server for a list of folders and users/
groups within those folders.
4.8.5.2 Choosing Users and Groups
Once scanned, the “Import Users from Active Directory” page shows all folders that are available on the AD server. 
1  Use the “Include Users” and “Include Groups” checkbox columns on the right hand side of the folder lists to select which 
items to import (with optional additional LDAP filters where necessary).
•  If an AD user was not in the ServSwitch iPATH user database, they will be imported.
•  If an AD user is already in the ServSwitch iPATH user database, they are kept.
•  If an AD user is NOT marked for import/sync from the AD import page, and they already exist in the ServSwitch iPATH user
database, they will be removed from the ServSwitch iPATH user database during the sync operation. 
  IMPORTANT: It is vital to ensure that all users you want in the ServSwitch iPATH system are always selected for import/sync, 
otherwise they will be removed.
2  You can choose to
 
synchronize
 
immediately or to preview the results of your settings:
•  Click the “Preview” button to view the list of users that will be added/updated/removed on this synchronization. Once
previewed, you can either go ahead with the sync or return to the filter page and edit your settings.
•  Click the “Save & Sync” button to synchronize the selected items into the ServSwitch iPATH user database.
Note: ServSwitch iPATH will only import folders/groups/users up to the limit set by the AD server. There is a known issue: 
ServSwitch iPATH can only import x users/groups from AD where x is the limit set on the AD server. Any users/groups beyond this 
limit will not be imported.
4.8.5.3 Active Directory Tips
•  A backup schedule is recommended so that any changes on the AD server are carried across to the ServSwitch iPATH server
regularly. You can choose from hourly/daily or weekly syncs. The settings/filters saved on this screen will be applied to each 
subsequent sync, ensuring that your list of users is kept accurate.
•  To temporarily remove a particular user from ServSwitch iPATH access, without having to make complicated LDAP filters, simply
edit the ServSwitch iPATH user to be suspended (see Users > Add User or Configure User page). Even though they will 
continue to be imported/synced from AD, they will be prevented from logging on.
•  All LDAP filters should be self-contained, e.g: (!(cn=a*))
•  Be sure to save any changes made to the sync settings before clicking the “sync-now” option. Otherwise, the next scheduled
sync operation will overwrite any user changes you made in your “sync-now.” 
•  User groups are only imported from AD to ServSwitch iPATH if they contain users that are set to be imported too (i.e. a group
will not be imported, even if it contains users, unless its users match the sync filters).
•  Associations between users and user groups can only be made on the AD server - it is not possible to edit user/user-group
membership for AD users/groups on the ServSwitch iPATH server.
•  Users and groups are technically “synchronized” rather than “imported” - each time a sync takes place, details are updated
and if a user no longer matches the sync filters, they will be removed from the ServSwitch iPATH user list.