Figure 8.4: Expert - Security - Authentication - Ldap - Avocent Cyclades ACS Installation/Administration/User Manual

Figure 8.4: Expert - Security - Authentication - LDAP

2. Supply the IP address of the LDAP server in the LDAP Server field.
3. If the LDAP authentication server uses a different distinguished name for the search base than
the one displayed in the LDAP Base field, change the definition.
The default distinguished name is dc, as in dc=value,dc=value. If the distinguished name on
the LDAP server is
4. Replace the default base name with the name of your LDAP domain.
For example, for the LDAP domain name avocent.com, the correct entry is:
dc=avocent , dc=com
5. Enable Secure LDAP, if required.
6. Enter optional information in LDAP User Name, LDAP Password and LDAP Login
Attribute fields.
7. Click apply changes. The changes are stored in /etc/ldap.conf on the console server.
Group Authorization on LDAP
Group information retrieval from an LDAP authentication server adds another layer of security by
adding a network-based authorization. It retrieves the group information from the authentication
server and performs an authorization through the console server.
To configure a Kerberos authentication server:
Perform the following procedure to configure a Kerberos authentication server when the console
server or any of its ports is configured to use Kerberos authentication method or any of its
variations (Kerberos, Kerberos/Local or KerberosDownLocal).
Before starting this procedure, find out the following information from the Kerberos
server' administrator:
• Realm name and KDC address
• Host name and IP address for the Kerberos server
o , then replace dc in the base field with
.
Chapter 8: Security Menu and Forms
o , as in o=value
121
, o=value .