Dell KVM 2321DS User Manual

160

LDAP Feature for the Remote Console Switch

the physical switch and one Association Object. The Association object is

used to link together the users or groups with a specific set of privileges to one

or more SIPs. This model provides an Administrator maximum flexibility over

the different combinations of users, RCS privileges, and SIPs on the Remote

Console Switch without adding too much complexity.
The RCS Device Object is the link to the Remote Console Switch for

querying Active Directory for authentication and authorization. When a

Remote Console Switch is added to the network, the Administrator must

configure the Remote Console Switch and its device object with its Active

Directory name so that users can perform authentication and authorization

with Active Directory. The Administrator will also need to add the Remote

Console Switch to at least one Association Object in order for users to

authenticate.
You can create as many Association Objects as you want, and each Association

Object can be linked to as many users, groups of users, or RCS Device

Objects as desired. The users and RCS Device Objects can be members of

any domain in the enterprise.
However, each Association Object may be linked (or, may link users, groups of

users, or RCS Device Objects) to only one Privilege Object. A Privilege

Object allows an Administrator to control which users have what kind of

privileges on specific SIPs.
Figure 8-6 illustrates that the Association Object provides the connection

that is needed for all of the Authentication and Authorization.