Manualshelf

User guide

ManualsBrandsAvocent ManualsComputer equipmentEquinox Console Manager CCM4850 CCM4850 CCM4850
111112113114115116117118119120
8. In the Group Container field, specify the name of the container to search for user groups.
This will limit the search scope to that container. The name may be entered in several
forms, optionally including a sub-domain. See To add an Active Directory external
authentication service: on page 90 for an explanation of the valid forms.
9. Specify a Secure Socket Layer (SSL) Encryption mode:
Click Do Not Use SSL to have authentication performed using unencrypted clear text
instead of SSL encryption. This method is the least secure.
Click Use SSL in Trust All Mode to use SSL encryption for data transmission. All
server certificates will be trusted and automatically accepted by the DSView software
for transmitting data. This SSL method provides medium security.
This encryption mode is not recommended for wide area networks (WANs).
Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data
transmission. The DSView software will approve the server and then the certificate
before transmitting data. This SSL method provides maximum security.
10. Click Use Kerberos for User Authentication to use the Kerberos protocol for authentication
requests, including the browsing. If enabled, you must use DES encryption types for this
account. If an account was created prior to Active Directory, the users password must be
changed after this setting is changed. In addition, the Active Directory server addresses
must be resolvable to their host names via DNS.
When this is not checked, the LDAP protocol will be used.
11. Click Enable Chasing of Referrals to allow the Active Directory server to refer DSView
software clients to additional directory servers.
12. Specify the search mode:
Enable Use Recursion to search groups if you wish to have the AD service access the
domain controller for the specified domain name. This search includes the "Member"
attribute of ObjectClass=group. This search is recursive and finds nested groups. This
search may be slow, depending on the number of groups and levels of nesting.
-or-
Enable Use an Active Directory Global Catalog to have the AD service access the
global catalog for the specified domain name. The search includes the "TokenGroups"
attribute of the ObjectClass=user. This search is faster but only retrieves the nested
groups SIDs; subsequent calls must be made to find the group name and specific SIDs.
-or-
94 DSView 4 Installer/User Guide