Lantronix SLC 8000 User Manual page 235

Server #1
(or Server #2)
Port
Base
Bind Name
Bind Password /
Retype Password
Bind with Login
User Login Attribute
Group Filter
Objectclass
Group Member
Attribute
Group Member Value The attribute used by the LDAP server for group membership. This attribute may be
Use LDAP Schema
Active Directory
Support
SLC™ 8000 Advanced Console Manager User Guide
The IPv4 or IPv6 address or host name of the primary and secondary LDAP
servers. The secondary LDAP server will be used for authentication in the event
that the primary LDAP server cannot be reached.
Number of the TCP port on the LDAP server to which the
389.
The name of the LDAP search base (e.g., dc=company, dc=com). May have up to
80 characters.
The name for a non-anonymous bind to an LDAP server. This item has the same
format as LDAP Base. One example is
cn=administrator,cn=Users,dc=domain,dc=com
Password for a non-anonymous bind. This entry is optional. Acceptable characters
are a-z, A-Z, and 0-9.
The maximum length is 127 characters.
Select to bind with the login and password that a user is authenticating with. This
requires that the Bind Name contain the
the current login. For example, if the Bind Name is
uid=$login,ou=People,dc=lantronix,dc=com
logs into the SLC 8000 advanced console manager, LDAP will bind with
uid=roberts,ou=People,dc=lantronix,dc=com
entered by roberts.
The attribute used by the LDAP server for user logins. If nothing is specified for the
user filter, the SLC unit will use "uid". For AD LDAP servers, the attribute for user
logins is typically "sAMAccountName".
The objectclass used by the LDAP server for groups. If nothing is specified for the
group filter, the SLC 8000 advanced console manager will use "posixGroup". For
AD LDAP servers, the objectclass for groups is typically "Group".
The attribute used by the LDAP server for group membership. This attribute may be
use to search for a name (ie, "msmith") or a Distinguished Name (ie,
"uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as
appropriate for the LDAP server. If nothing is specified for the group membership
attribute, the SLC unit will use "memberUID" for name and "uniqueMember" for DN.
For AD LDAP servers, the Group Membership Value is typically DN, with the Group
Membership Attribute of "member".
use to search for a name (ie, "msmith") or a Distinguished Name (ie,
"uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as
appropriate for the LDAP server. If nothing is specified for the group membership
attribute, the SLC 8000 advanced console manager will use "memberUID" for
name and "uniqueMember" for DN. For AD LDAP servers, the Group Membership
Value is typically DN, with the Group Membership Attribute of "member".
Select the check box to obtain remote user attributes (group/permissions and port
access) from an Active Directory server's scheme via the user attribute 'Secure
LantronixPerms' (see details below). Disabled by default.
Select to enable. Active Directory is a directory service from Microsoft that is a part
of Windows 2000 and later versions of Windows. It is LDAP- and Kerberos-
compliant. Disabled by default.
12: User Authentication
SLC
talks. The default is
token, which will be replaced with
$login
, and user
and the password
roberts
235