HPE FlexNetwork 10500 Series Security Configuration Manual page 28


8. The LDAP server processes the request, and sends a response to notify the LDAP client of the bind operation result. If the bind operation fails, the LDAP client uses another obtained user DN as the parameter to send a user DN bind request to the LDAP server. This process continues until a DN is bound successfully or all DNs fail to be bound. If all user DNs fail to be bound, the LDAP client notifies the user of the login failure and denies the user's access request.
9. The LDAP client saves the user DN that has been bound and exchanges authorization packets with the authorization server.
   - If LDAP authorization is used, see the authorization process shown in Figure 8.
   - If another method is expected for authorization, the authorization process of that method applies.
10. After successful authorization, the LDAP client notifies the user of the successful login.
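The bind loop of steps 8 and 9, as an added Python example that is not HPE code. The in-memory server class, the DNs, passwords and roles are all constructed assumptions, and the empty-password check is an addition beyond the manual's steps. It shows that one login can leave several failed binds in the directory server's records, one per candidate DN that did not match.

```python
# Constructed sample directory: every DN, password and attribute is made up.
ENTRIES = {
    "cn=admin,dc=example,dc=com": {"pw": "admin-pw", "uid": "admin", "role": None},
    "cn=jdoe,ou=sales,dc=example,dc=com": {"pw": "old-pw", "uid": "jdoe", "role": "operator"},
    "cn=jdoe,ou=eng,dc=example,dc=com": {"pw": "s3cret", "uid": "jdoe", "role": "admin"},
}

class ToyLdapServer:
    """In-memory stand-in for the LDAP server (hypothetical, not a real API)."""
    def __init__(self, entries):
        self.entries, self.bound_dn, self.failed_binds = entries, None, []

    def bind(self, dn, password):
        entry = self.entries.get(dn)
        ok = bool(password) and entry is not None and entry["pw"] == password
        self.bound_dn = dn if ok else None
        if not ok:
            self.failed_binds.append(dn)  # what a server-side audit log would record
        return ok

    def search(self, uid):
        if self.bound_dn is None:
            raise PermissionError("search requires a successful bind")
        return [dn for dn, e in self.entries.items() if e["uid"] == uid]

    def read_role(self, dn):
        if self.bound_dn is None:
            raise PermissionError("search requires a successful bind")
        return self.entries[dn]["role"]

def ldap_login(server, admin_dn, admin_pw, username, password):
    """Return (bound user DN, role) on success, None if the login is denied."""
    if not password:
        # Never send an empty password: RFC 4513 section 5.1.2 treats a DN with
        # a zero-length password as an unauthenticated bind.
        return None
    if not server.bind(admin_dn, admin_pw):  # administrator bind: gain the right to search
        return None
    candidates = server.search(username)  # a search can return more than one user DN
    for dn in candidates:  # step 8: bind with each DN until one succeeds
        if server.bind(dn, password):
            # step 9: keep the bound DN, then run the authorization search for it
            return dn, server.read_role(dn)
    return None  # all DNs failed: deny access
```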
Basic LDAP authorization process
The following example illustrates the basic LDAP authorization process for a Telnet user.
Figure 8 Basic LDAP authorization process for a Telnet user
[Figure: message exchange among the Host, the LDAP client, and the LDAP server: 1) The user logs in by Telnet; 2) Authentication process; 3) Establish a TCP connection; 4) Administrator bind request; 5) Bind response; 6) User authorization search request; 7) Search response; 8) The user logs in successfully]
The following shows the basic LDAP authorization process:
1. A Telnet user initiates a connection request and sends the username and password to the device. The device will act as the LDAP client during authorization.
2. After receiving the request, the device exchanges authentication packets with the authentication server for the user:
   - If LDAP authentication is used, see the authentication process shown in Figure 7.
     - If the device (the LDAP client) uses the same LDAP server for authentication and authorization, skip to step 6.
     - If the device (the LDAP client) uses different LDAP servers for authentication and authorization, skip to step 4.
   - If another authentication method is used, the authentication process of that method applies. The device acts as the LDAP client. Skip to step 3.
3. The LDAP client establishes a TCP connection with the LDAP authorization server.
4. To obtain the right to search, the LDAP client uses the administrator DN and password to send an administrator bind request to the LDAP server.
5. The LDAP server processes the request. If the bind operation is successful, the LDAP server sends an acknowledgment to the LDAP client.
