ZyXEL ZyWALL ATP700 User Guide - Page 711
Object, ZyWALL ATP Series User's Guide, Table 293, Configuration > Object > AAA
View all ZyXEL ZyWALL ATP700 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 711 highlights
Chapter 34 Object Table 293 Configuration > Object > AAA Server > Active Directory (or LDAP) > Add (continued) LABEL DESCRIPTION Port Specify the port number on the AD or LDAP server to which the Zyxel Device sends authentication requests. Enter a number between 1 and 65535. Base DN This port number should be the same on all AD or LDAP server(s) in this group. Specify the directory (up to 127 alphanumerical characters). For example, o=Zyxel, c=US. Use SSL Search time limit This is only for LDAP. Select Use SSL to establish a secure connection to the AD or LDAP server(s). Specify the timeout period (between 1 and 300 seconds) before the Zyxel Device disconnects from the AD or LDAP server. In this case, user authentication fails. Case-sensitive User Names Bind DN Search timeout occurs when either the user information is not in the AD or LDAP server(s) or the AD or LDAP server(s) is down. Select this if the server checks the case of the usernames. Specify the bind DN for logging into the AD or LDAP server. Enter up to 127 alphanumerical characters. Password Retype to Confirm Login Name Attribute Alternative Login Name Attribute Group Membership Attribute For example, cn=zywallAdmin specifies zywallAdmin as the user name. If required, enter the password (up to 15 alphanumerical characters) for the Zyxel Device to bind (or log in) to the AD or LDAP server. Retype your new password for confirmation. Enter the type of identifier the users are to use to log in. For example "name" or "email address". If there is a second type of identifier that the users can use to log in, enter it here. For example "name" or "email address". An AD or LDAP server defines attributes for its accounts. Enter the name of the attribute that the Zyxel Device is to check to determine to which group a user belongs. The value for this attribute is called a group identifier; it determines to which group a user belongs. You can add ext-group-user user objects to identify groups based on these group identifier values. Domain Authentication for MSChap User Name For example you could have an attribute named "memberOf" with values like "sales", "RD", and "management". Then you could also create a ext-group-user user object for each group. One with "sales" as the group identifier, another for "RD" and a third for "management". Select the Enable checkbox to enable domain authentication for MSChap. This is only for Active Directory. Enter the user name for the user who has rights to add a machine to the domain. User Password This is only for Active Directory. Enter the password for the associated user name. This is only for Active Directory. Retype to Confirm Retype your new password for confirmation. Realm This is only for Active Directory. Enter the realm FQDN. NetBIOS Name This is only for Active Directory. Type the NetBIOS name. This field is optional. NetBIOS packets are TCP or UDP packets that enable a computer to connect to and communicate with a LAN which allows local computers to find computers on the remote network and vice versa. ZyWALL ATP Series User's Guide 711