Raritan Computer Home Security System 用户手册
Chapter 12: Remote Authentication
167
Select the Use Bind checkbox if the user logging in from the
applet has permissions to perform search queries in the AD
server. If a username pattern is specified in Bind username
pattern, the pattern will be merged with the username supplied in
the applet and the merged username will be used to connect to
the AD server.
server. If a username pattern is specified in Bind username
pattern, the pattern will be merged with the username supplied in
the applet and the merged username will be used to connect to
the AD server.
Example: If you specify cn={0},cn=Users,dc=raritan,dc=com and
TestUser has been supplied in the applet, then CC-SG uses
cn=TestUser,cn-Users,dc=raritan,dc=com to connect to the AD
server.
TestUser has been supplied in the applet, then CC-SG uses
cn=TestUser,cn-Users,dc=raritan,dc=com to connect to the AD
server.
Select the Use Bind After Search checkbox to use the username
and password you specified in the General tab to connect to the
AD server. The entry is searched in the specified Base DN and is
found if it meets the specified filtering criterion and if the attribute
“samAccountName” is equal to the username entered in the
applet. Then, a second connection is attempted using the
username and password supplied in the applet. This second
bind assures that the user provided the correct password.
AD server. The entry is searched in the specified Base DN and is
found if it meets the specified filtering criterion and if the attribute
“samAccountName” is equal to the username entered in the
applet. Then, a second connection is attempted using the
username and password supplied in the applet. This second
bind assures that the user provided the correct password.
7. Click Next to proceed. The Groups tab opens.
AD Group Settings
In the Groups tab, you can specify the exact location from which you
want to import AD user groups.
want to import AD user groups.
Important: You must specify Group settings before you can import
groups from AD.
groups from AD.
1. Click the Groups tab.
2. Specify a Base DN (directory level/entry) under which the groups,
containing the user to be authorized, will be searched.
Example
Description
dc=raritan,dc=com The
search query for the user
in the group will be made
over the whole directory
structure.
over the whole directory
structure.
cn=Administrators,cn=Users,dc=raritan,dc=c
om
om
The search query for the user
in the group will be performed
only in the Administrators
sub-directory (entry).
in the group will be performed
only in the Administrators
sub-directory (entry).
3. Type a user's attributes in the Filter field so the search query for the
user in the group will be restricted to only those entries that meet this
criterion.
criterion.
For example, if you specify cn=Groups,dc=raritan,dc=com as the
Base DN and (objectclass=group) as the Filter, then all entries that
are in the Groups entry and are of type group will be returned.
Base DN and (objectclass=group) as the Filter, then all entries that
are in the Groups entry and are of type group will be returned.