Distinguished names for ldap and ad, Username, Base dn – Raritan Computer CC-SG User Manual


CommandCenter Secure Gateway Administrator Guide

Distinguished Names for LDAP and AD

Configuration of remotely authenticated users on LDAP or AD servers requires entering user
names and searches in Distinguished Name format. The full DN format is described in RFC 2253.

For the purposes of this document, you need to know how to enter Distinguished Names and in
what order each component of the name should be listed.

A Distinguished Name for AD should follow this structure, but you do not have to
specify both common name and organizational unit:

common name (cn), organizational unit (ou), domain component (dc)

Specifying a DN for Netscape LDAP and eDirectory LDAP should follow this structure:

user id (uid), organizational unit (ou), organization (o)

Username

When you authenticate CC-SG users on an AD server by specifying
cn=administrator,cn=users,dc=xyz,dc=com in Username, a CC-SG user who is associated with
an imported AD group will be granted access with these credentials. Note that you can
specify more than one common name, organizational unit, and domain component.

Base DN

You also enter a Distinguished Name (DN) to specify where the search for users begins. Enter a
DN in the Base DN field to specify an AD container in which the users can be found. For
example, entering: ou=DCAdmins,ou=IT,dc=xyz,dc=com will search all users in the
DCAdmins and IT organizational units under the xyz.com domain.
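
The following Python is an added example, not part of the Raritan manual or of CC-SG itself. It checks that a DN's components appear in the order given above and escapes special characters in values per RFC 2253, so that a comma inside a name cannot change the DN's structure. The function names are hypothetical, and quoted-string, hex-escaped and multi-valued (+) components are not handled.

```python
import re

ORDER = {"ad": ["cn", "ou", "dc"], "ldap": ["uid", "ou", "o"]}  # order from the text above

def escape_value(value):
    """Escape one attribute value per RFC 2253 section 2.4."""
    out = re.sub(r'([,+"\\<>;])', r"\\\1", value)
    if value[:1] in ("#", " "):                 # leading '#' or space
        out = "\\" + out
    if len(value) > 1 and value.endswith(" "):  # trailing space
        out = out[:-1] + "\\ "
    return out

def split_dn(dn):
    """Split a DN into (type, value) pairs; escaped commas stay in the value."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        # A backslash and the character after it are consumed as one unit.
        step = 2 if dn[i] == "\\" and i + 1 < len(dn) else 1
        if step == 1 and dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    parts.append(cur)
    pairs = []
    for part in parts:
        attr, sep, val = part.lstrip().partition("=")
        if not (sep and attr and val):
            raise ValueError(f"malformed component: {part!r}")
        pairs.append((attr.strip().lower(), val))
    return pairs

def check_order(dn, directory):
    """Raise ValueError unless the components follow ORDER[directory]."""
    order, ranks = ORDER[directory], []
    for attr, _ in split_dn(dn):
        if attr not in order:
            raise ValueError(f"{attr!r} is not expected for {directory}")
        ranks.append(order.index(attr))
    if ranks != sorted(ranks):
        raise ValueError("expected order: " + ", ".join(order))
    return True

def build_dn(components, directory):
    """Join (type, value) pairs into a DN, escaping values, then validate."""
    dn = ",".join(f"{a}={escape_value(v)}" for a, v in components)
    check_order(dn, directory)
    return dn
```

Both DNs from this page pass check_order with "ad"; a name containing an unescaped comma is rejected by split_dn rather than silently read as an extra component.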
