Remote authentication, Authentication and authorization (aa) overview, Flow for authentication – Raritan Computer CCA-0N-V5.1-E User Manual

Page 205: Chapter 12 remote authentication

Advertising

background image

187

In This Chapter

Authentication and Authorization (AA) Overview .................................. 187
Distinguished Names for LDAP and AD ................................................ 188
Specifying Modules for Authentication and Authorization ..................... 189
Establishing Order of External AA Servers ........................................... 190
AD and CC-SG Overview ...................................................................... 190
Adding an AD Module to CC-SG ........................................................... 190
Editing an AD Module ............................................................................ 195
Importing AD User Groups .................................................................... 195
Synchronizing AD with CC-SG .............................................................. 197
Renaming and Moving AD Groups ........................................................ 201
About LDAP and CC-SG ....................................................................... 201
Add an LDAP (Netscape) Module to CC-SG......................................... 201
About TACACS+ and CC-SG ................................................................ 205
Add a TACACS+ Module ....................................................................... 205
About RADIUS and CC-SG ................................................................... 206
Add a RADIUS Module .......................................................................... 206

Authentication and Authorization (AA) Overview

Users of CC-SG can be locally authenticated and authorized on the
CC-SG or remotely authenticated using the following supported directory
servers:



Microsoft Active Directory (AD)



Netscape's Lightweight Directory Access Protocol (LDAP)



TACACS+



RADIUS

Any number of remote servers can be used for external authentication.
For example, you could configure three AD servers, two iPlanet (LDAP)
servers, and three RADIUS servers.

Only AD can be used for remote authorization of users.

LDAP implementations use LDAP v3.

Flow for Authentication

When remote authentication is enabled, authentication and authorization
follow these steps:

1. The user logs into CC-SG with the appropriate username and

password.

Chapter 12 Remote Authentication

Advertising

Popular Brands

Popular manuals