Fujitsu KVM series3-Client ユーザーズマニュアル
Configuring LDAP
Appliance Management Panel
70
590-590-609A
Complete one of the following steps:
•
Click Apply to save any changes without exiting the AMP.
-or-
•
Click OK to save any changes and exit the AMP.
-or-
•
Click Cancel to exit the AMP without saving any changes.
For example, if LDAP is enabled as the first authentication method, followed by Local,
the following process occurs:
the following process occurs:
•
The appliance attempts LDAP authentication by querying its Management
Information Base (MIB) to obtain the LDAP parameters specified in the LDAP
Parameters field, which are then sent to and verified on the LDAP directory
service.
Information Base (MIB) to obtain the LDAP parameters specified in the LDAP
Parameters field, which are then sent to and verified on the LDAP directory
service.
•
If LDAP authentication fails, the appliance attempts local authentication.
•
If local authentication also fails, an error code is returned for the highest priority
authentication method attempted, which in this case is LDAP.
authentication method attempted, which in this case is LDAP.
5.3
Configuring LDAP
LDAP is a vendor-independent protocol standard used for accessing, querying, and
updating a directory using TCP/IP. Based on the X.500 Directory Services model, LDAP
is a global directory structure that supports strong security features including
authentication, privacy, and integrity.
updating a directory using TCP/IP. Based on the X.500 Directory Services model, LDAP
is a global directory structure that supports strong security features including
authentication, privacy, and integrity.
5.3.1
LDAP authentication configuration parameters
If individual user accounts are stored on an LDAP-enabled directory service, such as
Active Directory, you can use the directory service to authenticate users.
Active Directory, you can use the directory service to authenticate users.
The default values given for the LDAP search and query parameters are defined for use
with Active Directory.
with Active Directory.
The settings made in the Global - Authentication subcategory of the AMP Settings
tab let you configure your authentication configuration parameters. The software sends
the KVM s3 Client user name, password, and other information to the appliance, which
then determines whether the KVM s3 Client user has permission to view or change
configuration parameters for the appliance in the AMP.
tab let you configure your authentication configuration parameters. The software sends
the KVM s3 Client user name, password, and other information to the appliance, which
then determines whether the KVM s3 Client user has permission to view or change
configuration parameters for the appliance in the AMP.
Important: Unless otherwise specified, the LDAP default values should be used unless
Active Directory has been reconfigured. Modifying the default values may cause LDAP
authentication server communication errors.
Active Directory has been reconfigured. Modifying the default values may cause LDAP
authentication server communication errors.