2 active directory or ldap default server screen, Figure 463 basic directory structure – ZyXEL Communications 200 Series User Manual
Page 627
Chapter 39 AAA Server
ZyWALL USG 100/200 Series User’s Guide
627
RADIUS (Remote Authentication Dial-In User Service) authentication is a popular
protocol used to authenticate users by means of an external or built-in RADIUS server.
RADIUS authentication allows you to validate a large number of users from a central
location.
Finding Out More
See
for an example of how to set up user authentication using a
radius server.
39.2 Active Directory or LDAP Default Server Screen
Directory Structure
The directory entries are arranged in a hierarchical order much like a tree structure. Normally,
the directory structure reflects the geographical or organizational boundaries. The following
figure shows a basic directory structure branching from countries to organizations to
organizational units to individuals.
Figure 463 Basic Directory Structure
Distinguished Name (DN)
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value pairs
separated by commas. The leftmost attribute is the Relative Distinguished Name (RDN). This
provides a unique name for entries that have the same “parent DN” (“cn=domain1.com,
ou=Sales, o=MyCompany
” in the following examples).
cn=domain1.com, ou = Sales, o=MyCompany, c=US
cn=domain1.com, ou = Sales, o=MyCompany, c=JP
Base DN
A base DN specifies a directory. A base DN usually contains information such as the name of
an organization, a domain name and/or country. For example, o=MyCompany, c=UK where
o
means organization and c means country.
Root
US
Japan
Sprint
UPS
NEC
Sales
RD3
QA
CSO
Sales
RD
Countries (c)
Organizations (o) Organization Units (ou) Unique
Common Name
(cn)