User's Manual 230 Document #: LTRT-10466
Mediant 500L MSBR
Parameter Description
used to uniquely name an AD object. Below are example
parameter settings:
cn=administrator,cn=Users,dc=domain,dc=com
administrator@domain.com
domain\administrator
LDAP-
based user login authentication: This parameter represents
the login username entered by the user during a login attempt.
You can use the $ (dollar) sign in this value to enable the device
to automatically replace the $ sign with the user's login username
in the search filter, which it sends to the LDAP server for
authenticating the user's username-password combination. An
example configuration for this parameter is $@sales.local, where
the device replaces the $ with the entered username, for
example, JohnD@sales.local. The username can also be
configured with the domain name of the LDAP server.
Note: By default, the device sends the username in clear-
You can enable the device to encrypt the username using TLS (see
the 'Use SSL' parameter below).
LDAP Network Interface
CLI: interface-type
[LdapConfiguration_LdapCo
nfInterfaceType]
Assigns one of the device's IP network interfaces for communicating
with the LDAP server.
[0] Control Interface (default) = The top-most IP network interface
row in the IP Interfaces table that is configured for a Control
application (may be combined with other applications such as
OAMP and Media) is used.
[1] OAM Interface = The OAMP interface (may be combined with
other applications such as Control and Media) in the IP Interfaces
table is used.
For configuring IP network interfaces, see ''Configuring IP Network
Interfaces'' on page 138.
Type
CLI: type
[LdapConfiguration_Type]
Defines whether the LDAP server is used for SIP-related queries or
management login authentication-related queries.
[0] Control (Default)
[1] Management
Note: If you use the same LDAP server for both management and
SIP (Control) related applications, the device establishes different
LDAP sessions for each application.
Management Attribute
CLI: mgmt-attr
[LdapConfiguration_MngmA
uthAtt]
Defines the LDAP attribute name to query, which contains a list of
groups to which the user is a member. For Active Directory, this
attribute is typically "memberOf". The attribute's values (groups) are
used to determine the user's management access level; the group's
corresponding access level is configured in ''Configuring Access
Level per Management Groups Attributes'' on page 233.
Notes:
This parameter is applicable only to LDAP-based login
authentication and authorization (i.e., the 'Type' parameter is set
to Management).
If this functionality is not used, the device assigns the user the
configured default access level. For more information, see
''Configuring Access Level per Management Groups Attributes''
on page 233.
Use SSL
Enables the device to encrypt the username and password (for
Control and Management related queries) using TLS when sending
To Next Page
Loading...
