IBM 17352GX User Guide - Page 54


38 GCM2 and GCM4 Installation and User's Guide

databases are checked. The Authentication Parameters area on the window also becomes active.

NOTE: Local authentication is always used, whether it is the primary or backup authentication method, and it cannot be disabled.

5. Select either the Use Local First or Use LDAP First radio button.
6. To specify LDAP to be used for authentication only and the local databases to be used for authorization checking, select the Use LDAP for Authentication Only check box.
7. Click the Server tab and configure one or two LDAP-enabled directory servers in the Primary Server and optional Secondary Server areas:
   a. Type an address in the IP address field.
   b. (Optional) Change the UDP port number in the Port ID field.
   c. Configure the access type.
   d. Select the LDAP radio button to send queries to the LDAP server in clear text (non-secure LDAP).
   e. Select the LDAPS radio button to send queries using SSH (secure LDAP).
8. To configure the parameters used when searching the LDAP directory service for users, click the Search tab and complete the following steps.
9. Define a distinguished name (an administrator-level user that the appliance uses to log into the directory service) in the Search DN field. This is a required field unless the directory service has been configured to enable anonymous search.
   a. Type a password for the user in the Search Password field.
   b. Type the starting point for LDAP searches in the Search Base field.
   c. Type a mask in the UID Mask field. The default value is correct for use with Active Directory. This field is required for LDAP searches.
10. To configure the parameters used when searching the LDAP directory service for users, click the Search tab and complete the following steps.
   a. Type a distinguished name for the administrator, which the appliance uses to log into the directory service, in the Search DN field. This is a required field unless the directory service has been configured to enable anonymous search.
   b. Type a password for the administrator in the Search Password field.
11. Click the Query tab and configure the modes.
   • Appliance query mode is used to authenticate administrators attempting to access the appliance itself.
   • Device query mode is used to authenticate users that are attempting to access attached target devices.
12. Click Save.
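The values entered on the Server and Search tabs in steps 7 to 10 can be reviewed offline before they are saved. The following Python is an added example, not code from IBM or the guide; the field names, the `%1` placeholder syntax for the UID Mask, and all sample values are assumptions.

```python
# Added example: review of the Server/Search tab values and safe construction
# of the user search filter. Field names and the "%1" placeholder are assumed.
from dataclasses import dataclass

STANDARD_PORTS = {"LDAP": 389, "LDAPS": 636}  # IANA-registered default ports


@dataclass
class LdapServer:
    ip_address: str
    port_id: int
    access_type: str          # "LDAP" (clear text) or "LDAPS"
    search_dn: str = ""
    search_password: str = ""
    search_base: str = ""
    uid_mask: str = ""


def escape_filter_value(value: str) -> str:
    """Escape a login name for use inside an LDAP search filter (RFC 4515)."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def build_filter(uid_mask: str, username: str) -> str:
    """Substitute the escaped login name into the UID mask."""
    return "(" + uid_mask.replace("%1", escape_filter_value(username)) + ")"


def audit(server: LdapServer) -> list[str]:
    """Return human-readable findings for one configured directory server."""
    findings = []
    if server.access_type == "LDAP":
        findings.append("clear-text LDAP: queries and bind passwords are unencrypted")
    if server.port_id != STANDARD_PORTS.get(server.access_type):
        findings.append(f"port {server.port_id} is unusual for {server.access_type}")
    if not server.search_dn:
        findings.append("empty Search DN: directory must allow anonymous search")
    elif not server.search_password:
        findings.append("Search DN set without a Search Password")
    if "%1" not in server.uid_mask:
        findings.append("UID Mask has no %1 placeholder for the login name")
    return findings


# Constructed sample values, not taken from the guide.
weak = LdapServer("192.0.2.10", 389, "LDAP", "cn=kvm-search,dc=example,dc=com",
                  "constructed-secret", "dc=example,dc=com", "sAMAccountName=%1")
hardened = LdapServer("192.0.2.10", 636, "LDAPS", weak.search_dn,
                      weak.search_password, weak.search_base, weak.uid_mask)
```

`audit(weak)` reports the clear-text access type, while `audit(hardened)` returns no findings; `build_filter` shows why a login name must be escaped before it is substituted into the mask.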

