Table of Contents
Advertisement
Configuring Your Library
LDAP Server Guidelines
The following groups must be created on the LDAP server to enable remote login on the library:
•
Library user group — Assign users to this group who need user-privilege access to the library. Enter the name of this
group in the Library User Group field on the Setup - Remote Authentication screen on the library Web client (see
Configuring LDAP on the
•
Partition groups — For LDAP users with user privileges, access to library partitions is determined by group assignment
on the LDAP server. Groups must be created on the LDAP server with names that match the library partition names
(names must match but are not case sensitive). Users with user privileges must be assigned to these groups on the
LDAP server to have access to the corresponding partitions on the library.
•
Library admin group — Assign users to this group who need administrator-privilege access to the library. LDAP users
with administrator privileges have access to all partitions and administrator functions and do not need to be assigned
to partition-related groups on the LDAP server. Enter the name of this group in the Library Admin Group field on the
Setup - Remote Authentication screen on the library Web client (see
You will need to have at least one user assigned to both the Library User Group and the Library Admin Group on the LDAP
server in order to test the LDAP settings on the library (see
members of both these groups, you may need to create a special or temporary user specifically for this purpose.
Configuring LDAP on the Library
Before configuring LDAP, obtain the following LDAP parameters from your network administrator. You need to enter these
parameters in the Setup - Remote Authentication screen on the Web client:
•
Server URI — The Uniform Resource Identifier (URI) of the LDAP server where user account information is stored.
The URI includes the LDAP server host name or IP address and can include the LDAP server network port. Port 389 is
the default.
Examples:
ldap://hostname:389
ldap://10.50.91.103
•
Principal — An LDAP user login ID with permissions to search the LDAP directory. The library logs into LDAP using this
ID.
Example: administrator@mycompany
Password — The password for the principal authorization login ID.
•
•
User DN — The Fully Qualified Distinguished Name that contains the users.
Example: cn=users,ou=system,dc=mycompany,dc=com
•
Group DN — The Fully Qualified Distinguished Name that contains the groups.
Example: cn=groups,ou=system,dc=mycompany,dc=com
Library User Group — The name of the group on the LDAP server associated with library users who have user-level
•
privileges (see
User Privileges
server (see
LDAP Server
•
Library Admin Group — The name of the group on the LDAP server associated with library users who have
administrator-level privileges (see
on your LDAP server (see
Testing LDAP Settings
The Test Settings button tests communication between the library and the LDAP server, and tests the currently applied
LDAP settings. If there are any problems, an error message identifies the problem area.
If you change the LDAP settings, click Apply before using this button.
To test the settings, you must enter a user name and password, then click the button. The user you use for the test must
be a member of both the Library User Group and the Library Admin Group on the LDAP server. Since most normal
users will not be members of both these groups, you may need to create a special or temporary user specifically for this
purpose.
After configuring LDAP settings, save the library configuration.
file:///T|/htdocs/stor-sys/ML6000/en/html/ch04.htm[9/17/2012 1:49:29 PM]
Library).
for more information on user privilege levels). This group must exist on your LDAP
Guidelines).
User Privileges
for more information on user privilege levels). This group must exist
LDAP Server
Guidelines).
Configuring LDAP on the
Testing LDAP
Settings). Since most normal users will not be
Library).
Hide quick links:
Advertisement
Table of Contents
