Specify a distinguished name for ldap, Specify a username for ad, Specify a base dn – Raritan Computer CCA-0N-V5.1-E User Manual

Chapter 12: Remote Authentication

189

Specify a Distinguished Name for LDAP

Distinguished Names for Netscape LDAP and eDirectory LDAP should
follow this structure:



user id (uid), organizational unit (ou), organization (o)

Specify a Username for AD

When authenticating CC-SG users on an AD server by specifying
cn=administrator,cn=users,dc=xyz,dc=com in username, if a CC-SG
user is associated with an imported AD group, the user will be granted
access with these credentials. Note that you can specify more than one
common name, organizational unit, and domain component.

Specify a Base DN

You also enter a Distinguished Name to specify where the search for
users begins. Enter a Distinguished Name in the Base DN field to specify
an AD container in which the users can be found. For example, entering:
ou=DCAdmins,ou=IT,dc=xyz,dc=com will search all users in the
DCAdmins and IT organizational units under the xyz.com domain.

Specifying Modules for Authentication and Authorization

Once you have added all the external servers as modules in CC-SG,
specify whether you want CC-SG to use each of them for either
authentication, authorization, or both.

To specify modules for authentication and authorization:

1. Choose Administration > Security.

2. Click the Authentication tab. All configured external Authorization

and Authentication Servers appear in a table.

3. For each server listed:

a. Select the Authentication checkbox if you want CC-SG to use

the server for authentication of users.

b. Select the Authorization checkbox if you want CC-SG to use the

server for authorization of users. Only AD servers can be used
for authorization.

4. Click Update to save your changes.