Table of Contents
Advertisement
The directory services option can be configured to operate in one of two basic modes: Authenticate
Only and LDAP (for authentication and authorization).
Note
With LDAP operation, if the directory service of the domain controller
is unavailable, the built-in, console switch administrator account still
has access to the switch and all connected servers. However, a user
must log into a connected server.
Authenticate Only mode
In Authenticate Only mode, the directory service of the domain controller validates switch users, but
the switch itself grants access to the requested server. User data exists in the both the switch and the
directory of the domain controller. Figure 11 illustrates how a switch user's query is processed in the
Authenticate Only mode.
Figure 11. Query processing in Authenticate Only mode
1.
Request to view
server console
Switch User
6.
Switch response
Note
In the Authenticate Only mode, the user account data in the switch
and the user account data in the directory must match exactly.
Switch
5.
If valid, switch grants
access to requested
server based on KVM
rights in switch.
If invalid, KVM
connection is denied.
2.
User ID + password
forwarded by LDAP
4.
Directory
3.
Directory checks User
response
ID and password for
validity.
Domain
Controller
Server
Hide quick links:
Advertisement
Chapters
Table of Contents
