Raritan Computer Home Security System 用户手册
Chapter 12: Remote Authentication
163
Specify a Username for AD
When authenticating CC-SG users on an AD server by specifying
cn=administrator,cn=users,dc=xyz,dc=com in username, if a CC-SG
user is associated with an imported AD group, the user will be granted
access with these credentials. Note that you can specify more than one
common name, organizational unit, and domain component.
cn=administrator,cn=users,dc=xyz,dc=com in username, if a CC-SG
user is associated with an imported AD group, the user will be granted
access with these credentials. Note that you can specify more than one
common name, organizational unit, and domain component.
Specify a Base DN
You also enter a Distinguished Name to specify where the search for
users begins. Enter a Distinguished Name in the Base DN field to specify
an AD container in which the users can be found. For example, entering:
ou=DCAdmins,ou=IT,dc=xyz,dc=com will search all users in the
DCAdmins and IT organizational units under the xyz.com domain.
users begins. Enter a Distinguished Name in the Base DN field to specify
an AD container in which the users can be found. For example, entering:
ou=DCAdmins,ou=IT,dc=xyz,dc=com will search all users in the
DCAdmins and IT organizational units under the xyz.com domain.
Specifying Modules for Authentication and Authorization
Once you have added all the external servers as modules in CC-SG,
specify whether you want CC-SG to use each of them for either
authentication, authorization, or both.
specify whether you want CC-SG to use each of them for either
authentication, authorization, or both.
To specify modules for authentication and authorization:
1. Choose Administration > Security.
2. Click the Authentication tab. All configured external Authorization
and Authentication Servers appear in a table.
3. For each server listed:
a. Select the Authentication checkbox if you want CC-SG to use
the server for authentication of users.
b. Select the Authorization checkbox if you want CC-SG to use the
server for authorization of users. Only AD servers can be used
for authorization.
for authorization.
4. Click Update to save your changes.
Establishing Order of External AA Servers
CC-SG will query the configured external authorization and
authentication servers in the order that you specify. If the first checked
option is unavailable, CC-SG will try the second, then the third, and so
on, until it is successful.
authentication servers in the order that you specify. If the first checked
option is unavailable, CC-SG will try the second, then the third, and so
on, until it is successful.
To establish the order in which CC-SG uses external
authentication and authorization servers:
1. Choose Administration > Security.