Table of Contents
Advertisement
LDAP mode
In LDAP mode, the directory provides complete control of switch user access: user ID, password, and
rights to individual servers and switches. Two types of queries can occur in LDAP mode:
x Console switch query – An attempt by a switch user to perform an action requiring switch
administrative rights. In response, the directory will check whether the user has administrator
access.
x Server query – An attempt by a switch user to view the console of a specific server. In response, the
directory will verify whether the user has access rights to the requested server console.
LDAP mode can process switch user queries using one of three sub modes: Basic mode, User Attribute
mode, or Group Attribute mode.
LDAP Basic mode
In Basic mode (Figure 12), only the user ID and password are checked against the directory. If the
user exists and the password is correct, then the user obtains access without further validation.
Note
For security reasons, HP recommends using LDAP Basic mode only for
testing connectivity.
Figure 12. Query processing in LDAP Basic mode
1.
Request to view
server console
Switch User
5.
Switch response
(If credentials are valid,
switch grants access to
anything.)
2.
User ID + password
forwarded by LDAP
Switch
4.
Directory response
Domain
Controller
Server
3.
Directory checks User
ID and password for
validity.
Hide quick links:
Advertisement
Chapters
Table of Contents
