IBM Remote Supervisor Adapter II User Manual page 58

Ibm remote supervisor adapter user's guide

Hide thumbs Also See for Remote Supervisor Adapter II:

Installation manual (84 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

page of 132

/ 132
Contents
Table of Contents
Bookmarks

Table of Contents

3. To configure the search attributes, use the following information.

UID Search Attribute

Group Search Attribute

Remote Supervisor Adapter II SlimLine and Remote Supervisor Adapter II: User's Guide

When the selected binding method is Anonymously or w/ Configured

Credentials, the initial bind to the LDAP server is followed by a search

request that is directed at retrieving specific information about the user,

including the distinguished name, login permissions, and group

membership. To retrieve this information, the search request must specify

the attribute name that is used to represent user IDs on that server.

Specifically, this name is used as a search filter against the login ID that is

entered by the user. This attribute name is configured here. For example,

on Active Directory servers, the attribute name that is used for user IDs is

usually sAMAccoutName. On Novell eDirectory and OpenLDAP servers, it

is usually uid. If this field is left blank, a default of UID is used during user

authentication.

In an Active Directory or Novell eDirectory environment, this parameter

specifies the attribute name that is used to identify the groups to which a

user belongs. In Active Directory, this is usually memberOf, and with

eDirectory, this is usually groupMembership.

In an OpenLDAP server environment, users are usually assigned to groups

whose objectClass equals PosixGroup. In that context, this parameter

specifies the attribute name that is used to identify the members of a

particular PosixGroup. This is usually memberUid.

If this field is left blank, the attribute name in the filter defaults to

memberOf.

When a user is authenticated through an LDAP server successfully, the

permissions, the search filter that is sent to the server must specify the

attribute name that is associated with login permissions. This field specifies

this attribute name.

If this field is left blank, the user is assigned a default of read-only

permissions, assuming that the user passes the user and group

authentication.

The attribute value that is returned by the LDAP server is searched for the

keyword string IBMRBSPermission=. This keyword must be immediately

followed by a bit string that is entered as 12 consecutive 0s or 1s. Each bit

represents a particular set of functions. The bits are numbered according to

their positions. The leftmost bit is bit position 0, and the rightmost bit is bit

position 11. A value of 1 at a particular position enables the function that is

associated with that position. A value of 0 disables that function. The string

IBMRBSPermission=010000000000 is a valid example.

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Remote supervisor adapter ii slimline

IBM Remote Supervisor Adapter II User Manual page 58

Hide quick links:

Related Manuals for IBM Remote Supervisor Adapter II

Related Products for IBM Remote Supervisor Adapter II

This manual is also suitable for:

Table of Contents