Raritan Computer DOMINION KSX II User Manual
Page 137
Chapter 7: User Management
127
18. The KSX II provides you with the ability to test the LDAP
configuration from the Authentication Settings page due to the
complexity sometimes encountered with successfully configuring the
LDAP server and KSX II for remote authentication. To test the LDAP
configuration, enter the login name and password in the "Login for
testing" field and the "Password for testing" field respectively. This is
the username and password you entered to access the KSX II and
that the LDAP server will use to authenticate you. Click Test.
19. Once the test is completed, a message will be displayed that lets you
know the test was successful or, if the test failed, a detailed error
message will be displayed. It will display successful result or detail
error message in failure case. It also can display group information
retrieved from remote LDAP server for the test user in case of
success.
Returning User Group Information from Active Directory Server
The KSX II supports user authentication to Active Directory
®
(AD) without
requiring that users be defined locally on the KSX II. This allows Active
Directory user accounts and passwords to be maintained exclusively on
the AD server. Authorization and AD user privileges are controlled and
administered through the standard KSX II policies and user group
privileges that are applied locally to AD user groups.
IMPORTANT: If you are an existing Raritan, Inc. customer, and have
already configured the Active Directory server by changing the AD
schema, the KSX II still supports this configuration and you do not
need to perform the following operations. See Updating the LDAP
Schema for information about updating the AD LDAP/LDAPS
schema.
To enable your AD server on the KSX II:
1. Using the KSX II, create special groups and assign proper
permissions and privileges to these groups. For example, create
groups such as KVM_Admin and KVM_Operator.
2. On your Active Directory server, create new groups with the same
group names as in the previous step.
3. On your AD server, assign the KSX II users to the groups created in
step 2.