The LDAP authorization screen – HP 3PAR Operating System Software User Manual


Group: Authentication Parameters

Field – Description

Binding – Indicates the type of binding: Simple or SASL.

Use SSL – Indicates whether binding with SSL is used.

SASL Mechanism – Indicates the binding mechanism used.

    PLAIN – Similar to simple binding where the username and password are sent directly to the LDAP server for authentication (default).

    DIGEST-MD5 – The LDAP server sends the LDAP client one-time data that is encrypted by the client and returned to the server using a method that proves the client knows the user's password without actually having to send the password.

    GSSAPI – Obtains a ticket from the Kerberos server that validates the user's identity. The ticket is then sent to the LDAP server for authentication.

LDAP Server Name – The name of the host LDAP server.

Kerberos Realm – Indicates the numeric IP Address of the Kerberos server if different from the LDAP server.

Kerberos Server IP – The IP address of the Kerberos server, if different than the LDAP server.

Accounts DN – Indicates the base of the subtree in the DIT to search for objects that hold account information. It is mutually exclusive with Group DN.

Account Object Class – The objectClass attribute of an account object. (The default is user.)

Account Name Attribute – The attribute of an account object that holds the user's username. (The default is sAMAccountName.)

Member Attribute – The attribute that holds the name of a group of which the user is a member. (The default is memberOf.)

Group Object Class – Indicates the objectClass attribute of a group object. (The default is group.)

Group: Certificate (shown if the value of the Use Certificate field is Yes.)

Field – Description

Version – The version number of the certificate.

Issued to – Who the certificate is issued to.

Issued by – Who the certificate is issued by.

Valid from – Dates the certificate is valid.
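
The challenge-response exchange described for DIGEST-MD5 in the SASL Mechanism entry, worked through as an added example (it is not from the HP manual or the 3PAR software). It follows the RFC 2831 response computation for qop=auth; the user name, realm, password and digest-uri are constructed sample values, and `server_verifies()` and `demo()` are hypothetical helper names.

```python
import hashlib
import hmac
import secrets


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def digest_md5_response(username, realm, password, nonce, cnonce,
                        digest_uri, nc="00000001", qop="auth"):
    """Client side: RFC 2831 'response' for qop=auth with no authzid."""
    # Only the MD5 of user:realm:password enters the computation; the
    # password itself is never placed in the message.
    secret = _md5(f"{username}:{realm}:{password}".encode("utf-8"))
    a1 = secret + f":{nonce}:{cnonce}".encode("utf-8")
    a2 = f"AUTHENTICATE:{digest_uri}".encode("utf-8")
    ha1, ha2 = _md5(a1).hex(), _md5(a2).hex()
    # response = HEX(KD(HEX(H(A1)), nonce:nc:cnonce:qop:HEX(H(A2))))
    kd = f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode("utf-8")
    return _md5(kd).hex()


def server_verifies(stored_password, username, realm, nonce, cnonce,
                    digest_uri, client_response):
    """Server side: recompute from its own copy of the secret and compare."""
    expected = digest_md5_response(username, realm, stored_password,
                                   nonce, cnonce, digest_uri)
    return hmac.compare_digest(expected, client_response)


def demo():
    # Constructed sample values; nothing here comes from a real system.
    user, realm, pw = "jdoe", "example.test", "correct horse"
    uri = "ldap/ldap.example.test"
    nonce = secrets.token_hex(16)   # server's one-time challenge
    cnonce = secrets.token_hex(16)  # client's own nonce
    resp = digest_md5_response(user, realm, pw, nonce, cnonce, uri)
    return {
        "accepted": server_verifies(pw, user, realm, nonce, cnonce, uri, resp),
        "wrong_password": server_verifies("guess", user, realm, nonce, cnonce, uri, resp),
        "replayed": server_verifies(pw, user, realm, secrets.token_hex(16), cnonce, uri, resp),
        "password_on_wire": pw in resp,
    }


if __name__ == "__main__":
    print(demo())
```

To verify the response the server must hold the password or the MD5 of user:realm:password, and a response captured for one nonce does not verify against a fresh one. RFC 6331 moved DIGEST-MD5 to Historic status.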

The LDAP Authorization Screen

The Authorization screen displays the Authorization Group and Group Distinguished Name of all
authorized LDAP users.

NOTE: This screen must be displayed in order to enable the Test LDAP Connection button on the toolbar.


Managing LDAP with Security Manager
