Panasonic NN46110-600 User Manual
Chapter 2 Configuring servers
General filter specification syntax:
• If no filter is specified, the resultant search is (uid=username).
• If a filter string is specified, the search is (&(uid=username)filterstring).
For example, a filter value of (|(ou=engineering)(ou=finance)) creates a search that specifies uid=username and (ou=engineering or ou=finance):
(&(uid=username)(|(ou=engineering)(ou=finance)))
Certificate LDAP query syntax is (&(SubDn=<subject DN from cert>)(CAAttribute=<issuer DN from cert>)myFilter) or (&(SubAltName=<subject alt name from cert>)(CAAttribute=<issuer DN from cert>)myFilter).
To determine the SubjectDN or Altname, check to see if the UID of the session is the same as the subject DN of the certificate.
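The uid filter composition rule described above, as an added Python example (not from the manual or the product): it escapes the user-supplied UID per RFC 4515 so the UID cannot change the filter structure, and it rejects a configured filter string whose parentheses do not balance. Function names and sample inputs are hypothetical, and whether the VPN Router escapes the UID itself is not stated here.

```python
# Added example: compose the LDAP search filter by the rule above.
# Function names are hypothetical; sample inputs in the tests are constructed.

# RFC 4515 section 3: characters that must be escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_value(value: str) -> str:
    """Escape a user-supplied value so it cannot alter the filter structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_balanced(filter_string: str) -> bool:
    """True if every '(' has a matching ')' and no text sits outside them."""
    depth = 0
    i = 0
    while i < len(filter_string):
        ch = filter_string[i]
        if ch == "\\":        # \XX is an escaped byte, not filter structure
            i += 3
            continue
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:     # closing paren with nothing open
                return False
        elif depth == 0:      # stray text outside any parenthesised filter
            return False
        i += 1
    return depth == 0 and filter_string.startswith("(")


def build_search_filter(username: str, filter_string: str = "") -> str:
    """Return (uid=username), or (&(uid=username)filterstring) if one is set."""
    uid = f"(uid={escape_value(username)})"
    if not filter_string:
        return uid
    if not is_balanced(filter_string):
        raise ValueError("configured filter string has unbalanced parentheses")
    return f"(&{uid}{filter_string})"
```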
To configure LDAP proxy server authentication:
1 Select Servers > LDAP Proxy and click Enable Access to LDAP Proxy Server.
  a In the Remove Suffix from User ID field, select to remove the fully qualified ID suffix from the UID before sending it to the LDAP server.
  b Specify the character that separates the suffix from the UID as the delimiter value.
  c In the LDAP Proxy Server Users Obtain Default Settings from the Group field, select the default group to which users are assigned.
  d Enter a number in the Response Timeout Interval dialog box.
2 Under LDAP Proxy Servers, enter a base distinguished name (DN) for the server. This is usually in the form ou=organizational unit, o=organization, c=country.
  a For the remote LDAP server, enter the Master, Slave 1, and Slave 2 LDAP server host names or IP addresses. If the master server becomes unavailable, the VPN Router attempts to initiate a connection with the slave servers.