Aaa Server; Chapter 44 Aaa Server; Overview; Directory Service (Ad/Ldap) - ZyXEL Communications USG-100@USG-200 - V2.20 ED 2 Manual

C
H A P T E R

44.1 Overview

You can use a AAA (Authentication, Authorization, Accounting) server to provide
access control to your network. The AAA server can be a Active Directory, LDAP, or
RADIUS server. Use the AAA Server screens to create and manage objects that
contain settings for using AAA servers. You use AAA server objects in configuring
ext-group-user user objects and authentication method objects (see
on page 779).

44.1.1 Directory Service (AD/LDAP)

LDAP/AD allows a client (the ZyWALL) to connect to a server to retrieve
information from a directory. A network example is shown next.
Figure 507 Example: Directory Service Client and Server
The following describes the user authentication procedure via an LDAP/AD server.
A user logs in with a user name and password pair.
1
The ZyWALL tries to bind (or log in) to the LDAP/AD server.
2
When the binding process is successful, the ZyWALL checks the user information
3
in the directory against the user name and password pair.
If it matches, the user is allowed access. Otherwise, access is blocked.
4
ZyWALL USG 100/200 Series User's Guide
44

AAA Server

Chapter 45
769