Owner's Manual
Using the CMC Directory Service 313
To view and configure LDAP:
1
Log in to the Web interface.
2
Click the
User Authentication
tab, and then click the
Directory Services
subtab. The
Directory Services
page appears.
3
Click the radio button associated with Generic LDAP.
4
Configure the options shown and click
Apply
.
Table 8-10 displays the available options:
Table 8-10. Common Settings
Setting Description
Generic LDAP Enabled Enables the generic LDAP service on CMC.
Use Distinguished Name
to Search Group
Membership
Specifies the Distinguished Name (DN) of LDAP groups
whose members are allowed access to the device.
Enable SSL Certificate
Validation
If checked, CMC uses the CA certificate to validate the
LDAP server certificate during SSL handshake.
Bind DN Specifies the distinguished name of a user used to bind to
the server when searching for the login user's DN. If not
provided an anonymous bind is used.
Password A bind password to use in conjunction with the bind DN.
NOTE: The bind password is sensitive data, and must be
properly protected.
Base DN to Search The DN of the branch of the directory where all searches
must start from.
Attribute of User Login Specifies the attribute to search for. If not configured, the
default is to use uid. It is recommended to be unique
within the chosen base DN, otherwise a search filter must
be configured to ensure the uniqueness of the login user.If
the user DN cannot be uniquely identified by searching
the combination of attribute and search filter, login fails
with an error.
Attribute of Group
Membership
Specifies the LDAP attribute that is used to check for
group membership. This must be an attribute of the group
class. If not specified, the member and unique member
attributes are used.