User's Guide
AirTight Management Console Configuration
Field Description
Base Distinguished Name
The base distinguished name of the directory to which you want to connect, for example, o=democorp, c=au.
A Distinguished Name is a unique identifier of an entry in the Directory Information Tree (DIT). The name is the concatenation of Relative Distinguished Names (RDNs) from the top of the DIT down to the entry in question.
Filter String
This is a mandatory argument. It is a string specifying the attributes (existing or new) that the LDAP server uses to filter users. For example, IsUser=A. By specifying a filter string, you can allow or disallow login access to a particular OU or group of users defined in the AD.
You can specify the DN (Distinguished Name) of a particular group to allow access only to those who are members of that group. For example, memberOf=DC=GroupName,DC=com.
You can include members from multiple groups by using an OR condition. For example, to allow access to users under the Base DN who are members of either of the two groups, Airtight Admins OR Airtight Reviewer, you must include the following filter string:
(|(memberOf=CN=AirTight Admins,DC=AirTight,DC=Com)(memberOf=CN=Airtight Reviewer,DC=AirTight,DC=Com))
Similarly, to allow access to users under the Base DN who are members of both the Airtight Admins AND Airtight Reviewer groups, you must include the following filter string:
(&(memberOf=CN=AirTight Admins,DC=AirTight,DC=Com)(memberOf=CN=Airtight Reviewer,DC=AirTight,DC=Com))
You can have alternative configurations in AD, such as adding a new attribute, say ATNWIFI, to the users in AD that are granted access and then setting the filter string to allow only users with that attribute. For example, filter string = ATNWIFI
You can also create a new group of users in AD with access granted and include the group in the filter string.
The most general filter string you can use is 'objectClass=*'. You can use this string when you do not want to filter out any LDAP entry.
User ID Attribute
The string defined in the LDAP schema that the system uses to identify the user. (Default: cn)
6. If the directory does not allow an anonymous search, you must configure user credentials to search the LDAP-compliant directory. Configure the user credentials as described in the following table.
Field Description
Admin User DN
The DN of the admin user to be used to authenticate to the LDAP server.
Append User DN
Select this option if the base DN specified in the LDAP Configuration Details must be appended to the admin user DN.
Password
The password for the admin user.
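
The OR, AND and catch-all filter strings described for the Filter String field, evaluated against a small constructed directory to show which users each one admits. This is an added example, not code from the guide or the product; the user names and entries are hypothetical, and the evaluator handles only the filter forms shown on this page.

```python
# Added example (not from the guide): evaluates the filter forms shown here,
# (&...), (|...), attr=value and attr=*; no escapes, substrings or negation.

def parse(s, i=0):
    """Parse one parenthesised filter at s[i]; return (node, next_index)."""
    if s[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if s[i:i + 1] in ("&", "|"):
        op, kids, i = s[i], [], i + 1
        while s[i:i + 1] == "(":
            kid, i = parse(s, i)
            kids.append(kid)
        if s[i:i + 1] != ")" or not kids:
            raise ValueError(f"malformed {op} group at offset {i}")
        return (op, kids), i + 1
    end = s.index(")", i)  # ValueError if the closing parenthesis is missing
    attr, sep, value = s[i:end].partition("=")  # DN values keep their own '='
    if not sep or not attr.strip():
        raise ValueError("expected attr=value")
    return ("=", attr.strip().lower(), value.strip().lower()), end + 1

def matches(node, entry):
    if node[0] in ("&", "|"):
        combine = all if node[0] == "&" else any
        return combine(matches(kid, entry) for kid in node[1])
    _, attr, value = node
    have = [v.lower() for v in entry.get(attr, [])]  # case-insensitive compare
    return bool(have) if value == "*" else value in have

def allowed(filter_string, entries):
    """Names of the entries that the filter string would admit."""
    f = filter_string.strip()
    f = f if f.startswith("(") else f"({f})"  # bare attr=value is also shown
    node, end = parse(f)
    if end != len(f):
        raise ValueError("trailing text after filter")
    return sorted(name for name, e in entries.items() if matches(node, e))

# Constructed sample entries (hypothetical users under the Base DN).
ADMINS = "CN=AirTight Admins,DC=AirTight,DC=Com"
REVIEWERS = "CN=Airtight Reviewer,DC=AirTight,DC=Com"
USERS = {
    "alice": {"objectclass": ["user"], "memberof": [ADMINS]},
    "bob": {"objectclass": ["user"], "memberof": [REVIEWERS]},
    "carol": {"objectclass": ["user"], "memberof": [ADMINS, REVIEWERS]},
    "dave": {"objectclass": ["user"], "memberof": []},
}
OR_FILTER = f"(|(memberOf={ADMINS})(memberOf={REVIEWERS}))"
AND_FILTER = f"(&(memberOf={ADMINS})(memberOf={REVIEWERS}))"
```

Calling `allowed(OR_FILTER, USERS)` admits alice, bob and carol, `allowed(AND_FILTER, USERS)` admits only carol, and `allowed("objectClass=*", USERS)` admits every entry, including dave, who belongs to neither group.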