Sun one ldap (iplanet) configuration settings – Raritan Computer Home Security System User Manual

Chapter 12: Remote Authentication

175

2. Select Base 64 if you want the password to be sent to the LDAP

server with encryption. Select Plain Text if you want the password to
be sent to the LDAP server as plain text.

3. Default Digest: select the default encryption of user passwords.

4. Type the user attribute and group membership attribute parameters

in the User Attribute and Group Membership Attribute fields. These
values should be obtained from your LDAP directory schema.

5. Type the bind pattern in the Bind Username Pattern field.

ƒ Check Use bind if you want CC-SG to send the username and

password entered at login to the LDAP server for authentication.
If Use Bind is not checked, CC-SG will search the LDAP server
for the user name, and if found, will retrieve the LDAP object and
locally compare the associated password with the one entered.

ƒ On some LDAP servers, the password cannot be retrieved as

part of the LDAP object. Select the Use bind after search
checkbox to instruct CC-SG to bind the password to the LDAP
object again and send it back to the server for authentication.

6. Click OK to save your changes. The new LDAP module appears in

the Security Manager screen, under External AA Servers.

7. Select the Authentication checkbox if you want CC-SG to use the

LDAP module for authentication of users.

8. Click Update to save your changes.

Sun One LDAP (iPlanet) Configuration Settings

If using a Sun One LDAP server for remote authentication, use this
example:

Parameter Name

SUN One LDAP Parameters

IP Address/Hostname

<Directory Server IP Address>

User Name

CN=<Valid user id>

Password <Password>

BaseDN O=<Organization>

Filter

(objectclass=person)

Passwords (Advanced Screen)

Plain Text

Password Default Digest (Advanced)

SHA

Use Bind

unchecked

Use Bind After Search

Checked