H3C Technologies H3C Intelligent Management Center User Manual
Page 389
371
when executing the synchronization policy. If you select Do Not Sync, user email accounts are
not synchronized from the LDAP server.
{
User Group—Click the Select User Group icon . The Select User Group window appears.
Select a group and click OK. Available options include all the user groups that have been
created on UAM. Users synchronized from the LDAP server under this policy belong to the
selected user group.
Configure additional information
This field appears only when the additional user information is configured on IMC platform.
Select an attribute from the list to represent the user additional information entry, or select Do Not
Sync. If you select an attribute, UAM uses the value of the attribute to populate the user additional
information field when executing the synchronization policy. If you select Do Not Sync, enter or
select a setting for the user additional information field based on pre-defined rules.
Configure access information
{
Account Name—The system automatically populates this field with the account name attribute
description configured when adding the LDAP server, which cannot be modified.
{
Expiration Time—Select an attribute to represent the expiration time of the LDAP user account,
or select Do Not Sync. If you select an attribute, UAM uses the value of the attribute as the
account expiration time when executing the synchronization policy. If you select Do Not Sync,
click the Calendar icon to select a time or manually enter a time in the format of
YYYY-MM-DD.
{
User Password—Select an attribute from the list to represent the user password, or select Do Not
Sync. If you select an attribute, UAM uses the value of the attribute as the user password when
executing the synchronization policy. If you select Do Not Sync, enter a user password in the text
box next to the list.
{
Max. Idle Time—Select an attribute from the list to represent the maximum idle time, or select Do
Not Sync. If you select an attribute, UAM uses the value of the attribute as the maximum idle time
when executing the synchronization policy. If you select Do Not Sync, enter a maximum idle time
in the text box next to the list.
{
Max. Concurrent Logins—Select an attribute from the list to represent the maximum number of
concurrent logins with the same user account, or select Do Not Sync. If you select an attribute,
UAM uses the value of the attribute as the maximum number of concurrent logins with the same
user account when executing the synchronization policy. If you select Do Not Sync, enter the
maximum concurrent logins in the text box next to the list.
{
Smart Device Bindings for Portal—Select an attribute to represent the maximum device bindings
or select Do Not Sync. If you select an attribute, UAM uses the value of the attribute as the
maximum device bindings when executing the synchronization policy. If you select Do Not Sync,
further select a number to specify the maximum number of smart terminal MAC addresses that
can be bound to each LDAP user account, or select Not Supported to disable transparent
authentication on devices for all LDAP user accounts synchronized from the LDAP server.
{
Login Message—Select an attribute from the list to represent the login messages displayed when
the users attempt to access the network, or select Do Not Sync. If you select an attribute, UAM
uses the value of the attribute as the login message when executing the synchronization policy.
If you select Do Not Sync, enter a login message in the text box next to the list.
Configure access device binding information
{
Device IP—Select an attribute from the list to represent the device IP address, or select Do Not
Sync. If you select an attribute, UAM uses the value of the attribute as the device IP address when