Manualshelf

Specifications

ManualsBrandsAMX ManualsMusical equipmentNX-2200
131132133134135136137138139140
Appendix A: LDAP Implementation Details
120
NX-Series Controllers - WebConsole & Programming Guide
3. The client connects to the LDAP server and starts a bind operation with the BIND DN,
uid=amxBindAccount,ou=people,dc=example,dc=com, and the Search Password, secret.
4. The password, secret, is then compared by the server to the value of the userPassword attribute for the record
uid=amxBindAccount,ou=people,dc=example,dc=com.
If this step is successful, the bind is successful and the client is logged in.
5. If the bind is successful, the client then performs a search with the filter
(&(objectclass=person)(uid=DallasUser1)).
The objectclass=person portion of the filter is hard coded in the client firmware.
The uid=DallasUser1 portion of the filter is formed from the configured parameter User Query Attr and the user
name entered when logging in.
Since the User Query Attr is required to be unique in the search base LDAP BASE DN, the search should return
either 0 or 1 record.
If one record is found, the DN of the record is returned. In this example, the DN
uid=DallasUser1,ou=people,ou=Dallas,dc=example,dc=com is returned.
6. The client then unbinds as the user uid=amxBindAccount,ou=people,dc=example,dc=com.
7. If a record is found that matches, the client then attempts to bind as this DN using the password the user enters to
initiate the session.
In this example the DN uid=DallasUser1,ou=people,ou=Dallas,dc=example,dc=com and the password
DallasUser1Pswd would be used for this bind.
8. The server compares the user supplied password with the value of the userPassword attribute of
uid=DallasUser1,ou=people,ou=Dallas,dc=example,dc=com.
If this match is successful, the bind is successful and the client is logged in.
9. If the bind is successful, the client then performs another search using the filter (member=DN returned from the
first search) specifying that the commonName attribute of matching entries should be returned.
In this example, the filter is member=uid=DallasUser1,ou=people,ou=Dallas,dc=example,dc=com.
Since DallasUser1 is listed as a member of the groupOfNames objectclass
dn: cn=master01Admin,ou=groups,ou=Dallas,dc=example,dc=com
and
dn: cn=master01User,ou=groups,ou=Dallas,dc=example,dc=com,
the server will return the commonName attributes master01Admin and master01User.
The client then unbinds as this user and exits.
Note: The AMX LDAP client configuration parameters are located on the System Security Details page under the System
Security Settings link. See the System Security - System Level section on page 24; the LDAP configuration options are
described on page 34.