Table of Contents
Advertisement
If you use RADIUS servers as authentication servers with both primary and secondary servers specified
and you specify different domains of authorization servers for the primary and the secondary servers prior
to SVP microcode version 70-02-5x/00, a server configuring operation in the Setup Server window in
SVP microcode version 70-02-5x/00 or later will only enable the authorization server with the domain you
have specified on the primary server.
Connecting authentication and authorization servers
Before you can connect an authentication server and an authorization server, you must configure your
network.
Prerequisites
•
If you have not already done so, obtain a security administrator account with a View & Modify role.
•
Contact your server administrator for information about the values to be written in the LDAP, RADIUS,
or Kerberos configuration file. If you use LDAP servers, the files of the LDAP servers must be certified;
obtain certification.
•
Contact your network administrator for information about the network settings.
•
Give your service representative the IP address of the DNS server and ask that representative to
configure the SVP.
Procedure
1. Click Settings > Environmental Setting > View External Authentication Server Properties.
2. Click Setup Server to open the Setup Server window.
3. Select the type of the authentication server.
4. Specify options to connect to the authentication server. If you use more than one authentication server
or an authorization server, specify an option for each server.
5. To test the connection in the Server Configuration Test field, click Check.
6. Click Finish.
7. Enter a task name, and then, click Apply.
8. After you finish setting up the authentication and authorization servers and confirm that you can use
the servers, save a copy of the configuration files for connecting the authentication server. For details
on saving a copy, see Backing up and restoring Remote Web Console configuration files on page
71.
Naming a user group in Remote Web Console
When you create a user group in Remote Web Console, you name the group with the user's memberOf
attribute value which is found in the Active Directory.
After entering the user group name, verify that the user group name that you entered is registered in the
authorization server.
CAUTION: If a user needs to use different user groups for different purposes, create local user
accounts on Remote Web Console. Do not use the authorization server.
NOTE: The domain name (DN) of the user group to be set to Active Directory must be between 1 and
250 characters. The number of user groups that can be registered at one time is 20 at maximum.
Setting up and managing user accounts
45
Advertisement
Table of Contents
