User guide

Remote Authentication

From LDAP

WhenanLDAP/LDAPSauthenticationissuccessful,KXII‐101

determinesthepermissionsforagivenuserbasedonthepermissionsof

theuserʹsgroup.YourremoteLDAPservercanprovidetheseusergroup

namesbyreturninganattributenamedasfollows:

rciusergroup attributetype:string

ThismayrequireaschemaextensiononyourLDAP/L

DAPSserver.

Consultyourauthenticationserveradministratortoenablethisattribute.

From Microsoft Active Directory

Note:ThisshouldbeattemptedonlybyanexperiencedActiveDirectory

administrator.

ReturningusergroupinformationfromMicrosoftʹsActiveDirectoryfor

Windows2000ServerrequiresupdatingtheLDAP/LDAPSschema.

RefertoyourMicrosoftdocumentationformoredetail.

1. Installtheschemaplug‐inforActiveDirectory‐refertoMicrosoft

ActiveDirectorydocumentationforinstructions.

2. RunActiveDirectoryConsoleandselectActiveDi

rectorySchema.