Key concepts, Ldap, Domains – Grass Valley iControl V.6.02 User Manual

Page 267: Resources, Ldap domains resources

Advertising
background image

iControl

User Guide

257

4. Configure other Application Servers — Open the iControl—Access control page of other

Application Servers in the same domain (e.g. Bravo) to enable access control and to point to
the LDAP service running on Alpha.

5. Client login — When a user opens an application (e.g. iC Navigator, iC Web) from Alpha or

Bravo, he/she must log on to begin an iControl session. From that point on, their ability to
perform various operations will depend upon what role they have been assigned (and how
that role was configured).

Key Concepts

LDAP

iControl Access Control employs the Lightweight Directory Access Protocol (LDAP) for user
authentication. LDAP is an application protocol for searching and editing directories.

A directory is a database containing similar “objects” organized hierarchically. An LDAP
directory is similar to a telephone book, where entries consisting of names, addresses, and
phone numbers are organized into higher level groups. In an LDAP directory, the topmost
level corresponds to a domain (e.g.

myCompany.com).

Domains

Access control in iControl makes use of the concept of domains. A domain is a logical grouping
of users, resources and applications.

Domains are specified using dot notation (e.g.

myCompany.com), and are hierarchical—there

is typically one top level domain for a company, with several lower level domains organized in
some pattern. For example, a company might have

myCompany.com as the top level domain,

and then one lower level domain per city (e.g.

montreal.myCompany,

toronto.myCompany).

• every iControl resource is located in a domain

• every iControl client application (e.g. iC Navigator) is opened from a domain

• every server process is run within a domain

• a domain can contain more than one iControl Application Server

• a domain is also considered a resource

• a domain contains higher level permissions such as startNavigator, manageUsers, etc.

Resources

A resource is any device (e.g. a Densité card), service (e.g. Densité Manager) or Web object
(e.g. a Web page) that can have a permission assigned to it. It is defined by three elements: a
unique ID, a resource type, and a domain. Some examples are given in the table below:

Advertising
This manual is related to the following products:

iControl V.6.01

Popular Brands
Popular manuals