CHAPTER16 Services
Mediant 1000 Gateway & E-SBC | User's Manual
2. Under the LDAP group, from the 'Use LDAP for Web/Telnet Login' drop-down list, select
Enable.
3. Click Apply, and then reset the device with a save-to-flash for your settings to take effect.
Configuring LDAP Server Groups
The LDAP Server Groups table lets you configure up to 41 LDAP Server Groups. An LDAP Server
Group is a logical configuration entity that contains up to two LDAP servers. LDAP servers are
assigned to LDAP Server Groups in the LDAP Servers table (see Configuring LDAP Servers). To
use a configured LDAP server, you must assign it to an LDAP Server Group. You can configure the
following types of LDAP Server Groups (configured by the 'Type' parameter described below):
â– Control: To use an LDAP server for call routing, you need to configure the LDAP Server Group
as a Control type, and then assign the LDAP Server Group to a Routing Policy. The Routing
Policy in turn needs to be assigned to the relevant routing rule(s). You can assign a Routing
Policy to only one LDAP Server Group. Therefore, for multi-tenant deployments where multiple
Routing Policies are employed, each tenant can be assigned a specific LDAP Server Group
through its unique Routing Policy.
â– Management: To use an LDAP server for management where it does user login authentication
and user authorization, you need to configure the LDAP Server Group as a Management type.
Additional LDAP-based management parameters need to be configured, as described in
Enabling LDAP-based Web/CLI User Login Authentication and Authorization and Configuring
LDAP Servers.
â– Management Service: To use two different LDAP server accounts for management where
one LDAP account does user authentication and the other LDAP account does user
authorization, you need to configure two LDAP Server Groups. Configure the LDAP Server
Group for user authentication as a Management type and the LDAP Server Group for user
authorization as a Management Service type. In this setup, configure all the user-
authorization settings (i.e., Management LDAP Groups and LDAP Server Search Base DN)
only for the Management Service-type LDAP Server Group (instead of for the Management-
type LDAP Server Group).
The following procedure describes how to configure an LDAP Server Group through the Web
interface. You can also configure it through ini file [LDAPServerGroups] or CLI (configure
system > ldap ldap-server-groups).
The device provides a preconfigured LDAP Server Group
("DefaultCTRLServersGroupin") in the LDAP Server Groups table, which can be
modified or deleted.
➢ To configure an LDAP Server Group:
1. Open the LDAP Server Groups table (Setup menu > IP Network tab > RADIUS & LDAP
folder > LDAP Server Groups).
2. Click New; the following dialog box appears:
- 212 -
To Next Page
Loading...
Need help?
General
