Chapter 8 Authentication Services
8.1.4 LDAP external authentication service
To add an LDAP external authentication service:
1. Click the Users tab.
2. Click Authentication Services in the top navigation bar. The User Authentication Services window will open.
3. Click Add. The Add Authentication Service Wizard will appear.
4. The Provide Authentication Service Name and Type window will open.
a. Type a name for the external authentication service.
b. Select LDAP from the Type menu.
c. Click Next.
5. The Specify LDAP Connection Settings window will open.
a. Type the address of the LDAP host in dot notation format (xxx.xxx.xxx.xxx) or type the DNS host name in the Host Address field.
b. Type the number of the port for connecting to the LDAP host in the Port Number field.
c. Specify an SSL encryption mode:
Click Do Not Use SSL to have authentication performed using unencrypted clear text instead of SSL encryption. This method is the least secure and automatically sets the Port Number field to a default port number of 389.
Click Use SSL in Trust All Mode to use SSL encryption for data transmission. All server certificates will be trusted and automatically accepted by the DTX 5000-CTL Management Appliance for transmitting data. This SSL method provides medium security and automatically sets the Port Number field to a default port number of 636. This encryption mode is not recommended for wide area networks (WANs).
Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data transmission. The DTX 5000-CTL Management Appliance will approve the server and then the certificate before transmitting data. This SSL method provides maximum security and automatically sets the Port Number field to a default port number of 636.
d. Click Enable Chasing of Referrals if you wish to allow the LDAP server to refer DTX Control clients to additional directory servers.
e. Click Next.
If you selected Use SSL in Certificate-based Trust Mode, go to step 6.
If you selected Do Not Use SSL or Use SSL in Trust All Mode, go to step 10.
6. The DTX Control server will try to find a server that has a trusted certificate chain. If no trusted certificate chain is found, then the Accept Certificate window will open and list all servers that belong to the domain. It will also list the reasons for rejection of the certificate chain.
7. Click Next to accept the certificate.
8. The Specify LDAP User Schema window will open.
a. Type the Base distinguished name (DN) from which to begin searches. This is a required field unless the Directory Service has been configured to allow anonymous search. Each Search DN value must be separated by a comma.
b. Type the key attribute. The default value is common name (cn).
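
What the three SSL modes in step 5c mean in TLS terms, as an added Python example (not from the manual or the product). The mode labels and function names are assumptions; probe() runs a handshake against a directory server you name, so you can see whether its certificate validates before choosing Certificate-based Trust Mode.

```python
import socket
import ssl

# Default ports the manual gives for each mode.
DEFAULT_PORTS = {"none": 389, "trust_all": 636, "cert_based": 636}


def context_for(mode, ca_file=None):
    """Build the client-side TLS settings that correspond to a wizard mode.

    Mode labels are hypothetical names for the three options in step 5c.
    Returns None for "none": no TLS, so bind credentials travel in clear text.
    """
    if mode == "none":
        return None
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # verifies chain and host name
    if mode == "trust_all":
        # Encrypts, but accepts any certificate: the server is not authenticated.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    elif mode == "cert_based":
        if ca_file:
            ctx.load_verify_locations(cafile=ca_file)  # private/internal CA
        else:
            ctx.load_default_certs()                   # system trust store
    else:
        raise ValueError(f"unknown mode: {mode}")
    return ctx


def authenticates_server(ctx):
    """True only when the chain and the host name are both checked."""
    return (ctx is not None and ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname)


def probe(host, mode="cert_based", port=None, ca_file=None, timeout=5):
    """Handshake with the directory server; return (ok, detail).

    On failure, detail is the verification error, comparable to the
    rejection reasons the Accept Certificate window lists.
    """
    ctx = context_for(mode, ca_file)
    if ctx is None:
        return False, "no TLS in this mode"
    try:
        with socket.create_connection((host, port or DEFAULT_PORTS[mode]), timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, tls.version()
    except (ssl.SSLError, OSError) as exc:
        return False, str(exc)
```

A server that passes probe() in "trust_all" but fails in "cert_based" has a certificate the client cannot validate; the returned detail says why.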