ZyXEL Communications NXC2500 User Manual page 261

Table 136 Configuration > Object > AAA Server > Active Directory (or LDAP) > Add/Edit
LABEL DESCRIPTION
Search time limit Specify the timeout period (between 1 and 300 seconds) before the NXC disconnects from
the AD server. In this case, user authentication fails.
Search timeout occurs when either the user information is not in the AD or LDAP server or
the AD or LDAP server is down.
Case-sensitive Select this if the server checks the case of the usernames.
User Names
Bind DN Specify the bind DN for logging into the AD or LDAP server. Enter up to 127
alphanumerical characters.
For example,
Password If required, enter the password (up to 15 alphanumerical characters) for the NXC to bind
(or log in) to the AD or LDAP server.
Retype to Confirm Retype your new password for confirmation.
Login Name Enter the type of identifier the users are to use to log in. For example "name" or "e-mail
Attribute address".
Alternative Login If there is a second type of identifier that the users can use to log in, enter it here. For
Name Attribute example "name" or "e-mail address".
Group Enter the name of the attribute that the NXC is to check to determine to which group a
Membership user belongs. The value for this attribute is called a group identifier; it determines to
Attribute which group a user belongs. You can add ext-group-user user objects to identify groups
based on these group identifier values.
For example you could have an attribute named "memberOf" with values like "sales",
"RD", and "management". Then you could also create a ext-group-user user object for
each group. One with "sales" as the group identifier, another for "RD" and a third for
"management".
Enable Select this to enable domain authentication for MSChap. MS-CHAP Microsoft CHAP
(Challenge Handshake Authentication Protocol) uses a challenge-response mechanism
where the response is encrypted.
Note: This is only for Active Directory.
User Name Enter the user name for the user who has rights to add a machine to the domain.
Note: This is only for Active Directory.
User Password Enter the password for the associated user name.
Note: This is only for Active Directory.
Retype to Confirm Retype your new password for confirmation.
Realm Enter the AD server's realm (network domain).
Note: This is only for Active Directory.
NetBIOS Name Enter the NetBIOS name of the AD or LDAP server. If you enter this, the NXC uses it with
the user name in the format NetBIOS\USERNAME to do authentication.
If you do not configure this, the NXC uses the format USERNAME@realm to do
authentication.
Configuration Use a user account from the server specified above to test if the configuration is correct.
Validation Enter the account's user name in the Username field and click Test.
OK Click OK to save the changes.
Cancel Click Cancel to discard the changes.
Chapter 24 AAA Server
specifies
cn=zyAdmin zyAdmin
NXC Series User's Guide
261
as the user name.