ZyXEL Communications ZYWALL USG 20 Manual page 576

Chapter 37 AAA Server
organizational boundaries. The following figure shows a basic directory structure
branching from countries to organizations to organizational units to individuals.
Figure 341 Basic Directory Structure
Root
Distinguished Name (DN)
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value
pairs separated by commas. The leftmost attribute is the Relative Distinguished
Name (RDN). This provides a unique name for entries that have the same "parent
DN" ("cn=domain1.com, ou=Sales, o=MyCompany" in the following examples).
cn=domain1.com, ou = Sales, o=MyCompany, c=US
cn=domain1.com, ou = Sales, o=MyCompany, c=JP
Base DN
A base DN specifies a directory. A base DN usually contains information such as
the name of an organization, a domain name and/or country. For example,
o=MyCompany, c=UK where o means organization and c means country.
Bind DN
A bind DN is used to authenticate with an LDAP/AD server. For example a bind DN
of cn=zywallAdmin allows the ZyWALL to log into the LDAP/AD server using the
user name of zywallAdmin. The bind DN is used in conjunction with a bind
password. When a bind DN is not specified, the ZyWALL will try to log in as an
anonymous user. If the bind password is incorrect, the login will fail.
Finding Out More
• See Section 7.5.3 on page 122
authentication using a radius server.
576
Sprint
US
UPS
Japan
NEC
Countries Organizations
for an example of how to set up user
Sales
RD3
QA
CSO
Sales
RD
Organization Units
Unique
Common
Name (cn)
ZyWALL USG 20/20W User's Guide