User authentication LDAP
IX20 User Guide
912
c. Select LDAP for the new method from the Method drop-down.
Authentication methodsare attempted in the order they are listed until an authentication
response, either passor fail, isreceived. If Authoritative is enabled (see above), non-
authoritative methodsare not attempted. See Rearrange the position of authentication
methodsfor information about rearranging the position of the methodsin the list.
15. Click Apply to save the configuration and apply the change.
Command line
1. Select the device in Remote Manager and click Actions> Open Console, or log into the IX20
local command line as a user with full Admin access rights.
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to accessthe Admin CLI.
2. At the command line, type config to enter configuration mode:
> config
(config)>
3. (Optional) Prevent other authentication methodsfrom being used if LDAPauthentication fails.
Other authentication methodswill only be used if the LDAPserver isunavailable.
(config)> auth ldap authoritative true
(config)>
4. Set the typeof TLSconnection used by the LDAPserver:
(config)> auth ldap tls value
(config)>
where value is one of:
n
off: Usesa non-secure TCPconnection on the LDAPstandard port, 389.
n
on: Uses an SSL/TLSencrypted connection on port 636.
n
start_tls: Makesa non-secure TCPconnection to the LDAPserver on port 389, then
sendsa request to upgrade the connection to a secure TLSconnection. This is the
preferred method for LDAP.
The default is off.
5. If tlsis set to on or start_tls, configure whether to verify the server certificate:
(config)> auth ldap verify_server_cert value
(config)>
where value is either:
n
true: Verifies the server certificate with a known Certificate Authority.
n
false: Does not verify the certificate. Use this option if the server is using a self-signed
certificate.
To Next Page
Loading...
Need help?
General