Table of Contents
Advertisement
Device Management
RADIUS Settings
To allow authentication and authorization for the B064-Series KVM Switch through a RADIUS server, do the following:
1. Check the Enable check box in the RADIUS section.
2. Fill in the IP addresses and port numbers for the Preferred and Alternate RADIUS servers.
3. In the Timeout field, set the time in seconds that the B064-Series KVM Switch waits for a RADIUS server reply before it times out.
4. In the Retries field, set the number of allowed RADIUS retries.
5. In the Shared Secret field, key in the character string that you want to use for authentication between the B064-Series KVM Switch and the
RADIUS Server.
6. On the RADIUS server, set the access rights for each user according to the information in the table, below:
Character
Meaning
C
Grants the user administrator privileges, allowing the user to configure the system.
W
Allows the user to access the system via the Windows Client program.
J
Allows the user to access the system via the Java applet.
L
Allows the user to access log information via the user's browser.
V
Limits the user's access to only viewing the video display.
RADIUS Server access rights examples are given in the table, below:
String
Meaning
C, W
User has administrator privileges; user can access the system via the Windows Client.
W, J, L
User can access the system via the Windows Client; user can access the system via the Java Applet; user can access
log information via the user's browser.
Note: Characters are not case sensitive. Characters are comma delimited.
LDAP / LDAPS Authentication and Authorization Settings
To allow authentication and authorization for the B064 Series KVM Switch via LDAP / LDAPS, refer to the information in the table, below:
Character
Meaning
Enable
Put a check in the Enable checkbox to allow LDAP / LDAPS authentication and authorization.
LDAP / LDAPS
Click to specify whether to use LDAP or LDAPS.
LDAP Server IP and
Fill in the IP address and port number for the LDAP or LDAPS server. For LDAP, the default port number is 389; for
Port
LDAPS, the default port number is 636.
Timeout
Set the time in seconds that the B064-Series KVM Switch waits for an LDAP or LDAPS server reply before it times out.
Admin DN
Consult the LDAP / LDAPS administrator to ascertain the appropriate entry for this field. For example, the entry might
look like this: ou=b064-032-04-ip,dc=tripplite,dc=com
Admin Name
Key in the LDAP administrator's username.
Password
Key in the LDAP administrator's password.
Search DN
Set the distinguished name of the search base. This is the domain name where the search starts for user names.
Note: If the LDAP Setting is enabled, the LDAP schema for MS Active Directory must be extended, or an OpenLDAP server must be installed
and configured. (See LDAP Server Configuration, in the following section for details)
LDAP Configuration — Active Directory
To allow authentication and authorization for the B064-Series KVM Switch via LDAP or LDAPS, the Active Directory's LDAP Schema must
be extended so that an extended attribute name for the B064-Series KVM Switch – permission – is added as an optional attribute to the person
class.
• Authentication refers to determining the authenticity of the person logging in.
• Authorization refers to assigning permission to use the device's various features.
In order to configure the LDAP server, you will have to complete the following procedures: 1) Install the Windows 2003 Support Tools; 2) Install
the Active Directory Schema Snap-in; and 3) Extend and Update the Active Directory Schema.
47
Advertisement
Table of Contents
Troubleshooting
