System information

802.1x and AD Authentication - The Linux thin clients now support Microsoft
Active Directory Authentication where user login credentials can be authenticated
via an AD server (with or without using a RADIUS server or the 802.1x protocol). With the
MR3 release, the Linux thin clients also support the security protocol 802.1x. 802.1x
is an IEEE standard for port-based network access control, offering the capability to
permit or deny network connectivity which can be dynamically enabled or disabled
based on the identity of the device or end user. 802.1x uses EAP (Extensible
Authentication Protocol) to provide a way for the supplicant and authenticator to
negotiate an authentication method (EAP method). The EAP authentication method
defines the credential type and how it is submitted from the supplicant to the
authentication server using the EAP framework. On an SLETC device, the user can
create 802.1x network connections either through the Network Connections UI or
the INI method. Only an administrator user is allowed to create network
connections in the Network Connections applet. The following diagram depicts
communication between the components in an 802.1x thin client solution.

NOTE: When an Active Directory user password has expired, there is no option to
change the password at the GDM login screen. Since Microsoft LDAP servers are not
RFC 3062 compliant, it is not possible to allow users themselves to change their
current password using their expired credentials without a middleware/facilitator.

Simple Certificate Enrollment Protocol (SCEP) - SCEP is a PKI communication
protocol which leverages existing technology by using PKCS#7 and PKCS#10. SCEP
is a proposed protocol for automated certificate enrollment. SCEP offers a standard
interface to communicate with a Certificate Authority. It includes several properties
that allow it to do an automatic enrollment without much manual interaction. The
typical usage scenarios of SCEP are large network environments with many network
devices that require automatic enrollment of certificates. SCEP uses a request/response
model based on HTTP (GET method; optional support for POST method).
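
The GET/POST choice described above, as an added example that is not part of the original guide or of the SLETC software: it reads a CA's GetCACaps answer, flags weak capability sets, and builds the PKIOperation request accordingly. The capability keywords and request encoding follow RFC 8894; the enrollment URL, the capability samples and the message bytes are constructed for illustration.

```python
import base64
from urllib.parse import urlencode

# Constructed sample GetCACaps response bodies (one keyword per line).
CAPS_LEGACY = "DES3\nSHA-1\n"
CAPS_MODERN = "AES\nSHA-256\nPOSTPKIOperation\nRenewal\n"
BASE_URL = "http://ca.example.test/scep"  # placeholder enrollment URL

def parse_cacaps(body):
    """Return the set of capability keywords a CA advertised."""
    caps = {line.strip() for line in body.splitlines() if line.strip()}
    if "SCEPStandard" in caps:  # RFC 8894: implies the three below
        caps |= {"AES", "SHA-256", "POSTPKIOperation"}
    return caps

def assess_caps(caps):
    """List what a reviewer would flag before enrolling devices."""
    findings = []
    if not caps & {"SHA-256", "SHA-512"}:
        findings.append("no SHA-2 digest advertised")
    if "AES" not in caps:
        findings.append("no AES content encryption advertised")
    if "POSTPKIOperation" not in caps:
        findings.append("POST not advertised, PKIOperation limited to GET")
    return findings

def build_pki_request(base_url, pki_message, caps):
    """Return (method, url, body) for one PKIOperation message (DER bytes)."""
    if "POSTPKIOperation" in caps:
        # POST carries the binary message unmodified in the request body.
        url = base_url + "?" + urlencode({"operation": "PKIOperation"})
        return "POST", url, pki_message
    # GET carries it base64-encoded, then URL-encoded, in 'message';
    # '+' and '/' from base64 must be escaped or the CA decodes garbage.
    b64 = base64.b64encode(pki_message).decode("ascii")
    query = urlencode({"operation": "PKIOperation", "message": b64})
    return "GET", base_url + "?" + query, None

if __name__ == "__main__":
    msg = b"\xfb\xff\xfe"  # constructed bytes, stands in for a PKCS#7 blob
    for name, body in (("legacy", CAPS_LEGACY), ("modern", CAPS_MODERN)):
        caps = parse_cacaps(body)
        print(name, assess_caps(caps), build_pki_request(BASE_URL, msg, caps)[:2])
```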

Custom Gnome - SLETC has three default built-in local users: admin, thinuser, and
guest, with High, Low, and No privilege levels respectively. Along with these three
local users, SLETC also provides an option for remote INI users. That is, the INI
user privilege level can be equivalent to that of any of the three built-in local users.
Depending on the privilege level, a user will have access to different sets of
panels, applets, and icons. The INI parameter name will specify Enable or Disable
user Privilege Levels keywords and the INI parameter value will specify the custom
settings to be applied. Table 1 lists the various applications and corresponding
.desktop file names.