Tripp Lite B0930082E4UV Owners Manual for B093- B097- and B098-Series Console - Page 177
Remote Groups with LDAP Authentication
 |
View all Tripp Lite B0930082E4UV manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 177 highlights
9. Authentication 9.1.8 Remote Groups with LDAP Authentication Unlike RADIUS, LDAP has built-in support for group provisioning, which makes setting up remote groups easier. The console server will retrieve a list of all the remote groups the user is a direct member of and compare their names with local groups on the console server. Note: Any spaces in the group name will be converted to underscores. For example, in an existing Active Directory setup, a group of users may be part of the UPS Admin and Router Admin groups. On the console server, these users will be required to have access to a group Router_Admin, with access to port 1 (connected to the router), and another group UPS_Admin, with access to port 2 (connected to the UPS). Once LDAP is set up, users that are members of each group will have the appropriate permissions to access the router and UPS. Currently, the only LDAP directory service that supports group provisioning is Microsoft Active Directory. Support is planned for OpenLDAP later. To enable group information to be used with an LDAP server: • Complete the fields for standard LDAP authentication, including LDAP Server Address, Server Password, LDAP Base DN, LDAP Bind DN and LDAP Username Attribute. • Enter memberOf for LDAP Group Membership Attribute, as group membership is currently only supported on Active Directory servers. • If required, enter the group information for LDAP Console Server Group DN and/or LDAP Administration Group DN. A user must be a member of the LDAP Console Server Group DN group in order to gain access to the console and user interface. For example, the user must be a member of "MyGroup" on the Active Server to gain access to the console server. Additionally, a user must be a member of the LDAP Administration Group DN in order to gain administrator access to the console server. For example, the user must be a member of "AdminGroup" on the Active Server to receive administration privileges on the console server. • Click Apply. • Ensure the LDAP service is operational and group names are correct within the Active Directory. 177
-
1 -
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172 -
173 -
174 -
175 -
176 -
177 -
178 -
179 -
180 -
181 -
182 -
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
 |
 |
