Remote authentication, Authentication and authorization (aa) overview, Flow for authentication – Raritan Computer Home Security System User Manual

Page 179: E 161, Chapter 12 remote authentication

Advertising

background image

161

In This Chapter

Authentication and Authorization (AA) Overview ..................................161
Distinguished Names for LDAP and AD................................................162
Specifying Modules for Authentication and Authorization .....................163
Establishing Order of External AA Servers ...........................................163
AD and CC-SG Overview ......................................................................164
Adding an AD Module to CC-SG...........................................................164
Editing an AD Module............................................................................168
Importing AD User Groups ....................................................................169
Synchronizing AD with CC-SG ..............................................................170
About LDAP and CC-SG .......................................................................173
Add an LDAP (Netscape) Module to CC-SG.........................................173
About TACACS+ and CC-SG................................................................177
Add a TACACS+ Module.......................................................................177
About RADIUS and CC-SG ...................................................................178
Add a RADIUS Module..........................................................................178

Authentication and Authorization (AA) Overview

Users of CC-SG can be locally authenticated and authorized on the CC-
SG or remotely authenticated using the following supported directory
servers:

•

Microsoft Active Directory (AD)

•

Netscape's Lightweight Directory Access Protocol (LDAP)

•

TACACS+

•

RADIUS

Any number of remote servers can be used for external authentication.
For example, you could configure three AD servers, two iPlanet (LDAP)
servers, and three RADIUS servers.

Only AD can be used for remote authorization of users.

LDAP implementations use LDAP v3.

Flow for Authentication

When remote authentication is enabled, authentication and authorization
follow these steps:

1. The user logs into CC-SG with the appropriate username and

password.

2. CC-SG connects to the external server and sends the username and

password.

Chapter 12 Remote Authentication

Advertising

Popular Brands

Popular manuals