Configuring Secure Ldap On The Library; Configuring Ldap On The Library - Quantum Scalar i40 User Manual
Hide thumbs
Also See for Scalar i40:
- User manual (341 pages) ,
- Quick start manual (44 pages) ,
- Replacement manual (8 pages)
Table of Contents
Advertisement
Chapter 4: Configuring the Library
Working With LDAP User Accounts (Remote Authentication)
Configuring Secure
LDAP on the Library
Configuring LDAP on
the Library
90
You can configure Secure LDAP using one of two methods (do not use
both).
• LDAPS —Uses Secure Sockets Layer (SSL) over a specific port for
LDAP (636). You may enable LDAP over SSL (LDAPS) by entering a
URI in the form of "ldaps://hostname" in the Server URI field. This
will use SSL to send secure communication via port 636. If the LDAP
server does not support LDAPS or does not have LDAPS enabled,
then login operations will fail. LDAPS has been deprecated in favor
of using StartTLS (see option below). Do not use LDAPS if you are
using StartTLS. Once you apply LDAPS, StartTLS will not be available.
• StartTLS — Uses Transport Layer Security (TLS) over the same port as
regular LDAP (389). Select the StartTLS check box to configure
secure LDAP communication using TLS. If TLS mode is not
supported on your LDAP server, then login operations will fail. Do
not use StartTLS if you are using LDAPS.
Additionally, if you are using one of these Secure LDAP methods listed
above, you can also Install a TLS CA certificate for additional verification
that the LDAP server has not been compromised. The certificate must be
the same certificate that is installed on your LDAP server and must be in
.pem format. The library will only perform the verification if you have
configured Secure LDAP (using either LDAPS or StartTLS). Place a copy of
the certificate file in an accessible location on your computer and use
the Browse button to locate and install it.
Once a certificate is installed, you can remove it by checking the
Remove TLS CA Certificate check box. This check box only becomes
available once a certificate is installed. The presence of this check box
lets you know that a certificate is installed. Refer to
Setup Example
on page 93.
Administrators can enable and configure Lightweight Directory Access
Protocol (LDAP). LDAP is the industry standard Internet protocol that
provides centralized user account management.
Administrators can add, delete, and modify only local user account
information. The library Web client does not allow you to create,
modify, or delete user account information on an LDAP server. This must
be done by the directory service provider. For more information on
working with local user accounts, see
and Passwords
on page 79.
Working With Local User Accounts
Quantum Scalar i40 and Scalar i80 User's Guide
Figure 14 LDAP
Advertisement
Chapters
Table of Contents
Troubleshooting
