User's guide
Basic Configuration
5.9.8. LDAP Parameters
The TSM/RSM supports LDAP (Lightweight Directory Access Protocol), which allows
authentication via the "Active Directory" network Directory Service. When LDAP is
enabled, command access rights can be granted to new users without the need to
define individual new accounts at each TSM/RSM unit, and existing users can also be
removed without the need to delete the account from each TSM/RSM unit. This also
allows administrators to assign users to LDAP groups, and then specify which plugs the
members of each group will be allowed to control at each TSM/RSM unit.
In order to apply the LDAP feature, you must first define User Names and associated
Passwords and group membership via your LDAP server, and then access the
TSM/RSM command mode to configure LDAP settings and define port access rights
and command access rights for each group specified at the LDAP server. To access
the LDAP Parameters menu, log in to TSM/RSM command mode using a password
that permits Administrator level commands. In the Text Interface, the LDAP Parameters
menu is accessed via the Network Configuration menu (/N for IPv4 parameters or /N6
for IPv6 parameters). In the Web Browser Interface, both IPv4 and IPv6 parameters are
defined via a single LDAP Parameters menu, which is accessed via the flyout menus
under the Network Configuration link.
Notes:
• Port and Plug access rights are not defined at the LDAP server. They are
defined via the LDAP Group configuration menu on each TSM/RSM unit and
are specific to that TSM/RSM unit alone.
• When LDAP is enabled, LDAP authentication will supersede any passwords
and access rights that have been defined via the TSM/RSM user directory.
• If no LDAP groups are defined on a given TSM/RSM unit, then access rights
will be determined as specified by the "default" LDAP group.
• The "default" LDAP group cannot be deleted.
The LDAP Parameters Menu allows the following parameters to be defined:
• Enable: Enables/disables LDAP authentication. (Default = Off.)
• PrimaryHostIPv4: Defines the IP address or domain name for the primary LDAP
server when IPv4 protocol is used to communicate with the TSM/RSM unit.
(Default = undefined.)
• PrimaryHostIPv6: Defines the IP address or domain name for the primary LDAP
server when IPv6 protocol is used to communicate with the TSM/RSM unit.
(Default = undefined.)
• SecondaryHostIPv4: Defines the IP address or domain name for the secondary
(fallback) LDAP server when IPv4 protocol is used. (Default = undefined.)
• SecondaryHostIPv6: Defines the IP address or domain name for the secondary
(fallback) LDAP server when IPv6 protocol is used. (Default = undefined.)