• Host—IP address for the LDAP server
• Port—The default is 389.
• User CN (Common Name)—The LDAP user with permission to connect to the LDAP server
and perform user queries. Many environments use the format “Surname, Name” or the email
address for a group of library administrators.
• User DN (Distinguished Name)—The DN of the User CN configured to authenticate with the
LDAP server.
• Password—LDAP password of the User CN. This might be the User CN’s Windows password
or an environment-specific password.
• Use SSL—If SSL is required by your organization, select Use SSL and then paste the
appropriate CA certificate.
c. Enter the Secondary/Backup Server host address and port number.
d. Enter the Distinguished Names parameters.
Base DN—The LDAP parameters needed to identify the LDAP domain. User queries will be
performed as a recursive tree search against this Base DN. For example:
DC=Examplegroup,DC=local
e. Enter the Attribute Mapping parameters.
Username/LDAP Server Name—The LDAP name for the specified user account. For example:
sAMAccountName.
f. Click Test Connection to verify the configuration.
g. When the library successfully connects to the LDAP server, click OK.
3. In the LDAP User area, click Add User.
4. The RMI displays the Add User dialog.
5. Click Query LDAP Servers to see a list of available users.
6. Select the user name and then assign the user a role (User, Administrator, or Security). Click OK.
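The following is an added example, not part of the library documentation: a pre-check of the values from steps a through f, run from an administrator workstation before they are entered in the RMI. It assumes the OpenLDAP ldapsearch client is installed; the environment variable names, file names, and function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-check the values destined for the RMI LDAP form.
# Variable names, file names and defaults below are constructed placeholders.

# Build the server URI from the Host, Port and Use SSL fields.
ldap_uri() {  # args: host port use_ssl(yes|no)
    if [ "$3" = "yes" ]; then scheme=ldaps; else scheme=ldap; fi
    printf '%s://%s:%s' "$scheme" "$1" "$2"
}

# Build an equality filter on the mapped username attribute, escaping the
# RFC 4515 special characters so the account name is matched literally.
ldap_user_filter() {  # args: attribute username
    esc=$(printf '%s' "$2" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
                                 -e 's/(/\\28/g' -e 's/)/\\29/g')
    printf '(%s=%s)' "$1" "$esc"
}

# Bind as the User DN and run a subtree search under the Base DN.
# pw_file holds the bind password with no trailing newline (ldapsearch -y
# uses the complete file contents), so it never appears in the process list.
ldap_preflight() {  # args: uri ca_file bind_dn pw_file base_dn attr username
    if [ "${1#ldaps://}" = "$1" ]; then
        echo "warning: $1 is not TLS; the bind password is sent in clear text" >&2
    fi
    LDAPTLS_CACERT="$2" LDAPTLS_REQCERT=demand \
    ldapsearch -x -LLL -o nettimeout=5 -H "$1" -D "$3" -y "$4" \
        -b "$5" -s sub "$(ldap_user_filter "$6" "$7")" dn "$6"
}

# Runs only when LDAP_HOST is set, so sourcing this file has no side effects.
if [ -n "${LDAP_HOST:-}" ]; then
    ldap_preflight \
        "$(ldap_uri "$LDAP_HOST" "${LDAP_PORT:-389}" "${LDAP_SSL:-no}")" \
        "${LDAP_CA:-ca.pem}" "$LDAP_BIND_DN" "${LDAP_PW_FILE:-bindpw.txt}" \
        "${LDAP_BASE_DN:-DC=Examplegroup,DC=local}" sAMAccountName "$LDAP_USER"
fi
```

A successful run returns the DN and sAMAccountName of the queried user. A certificate error means the CA file would not validate the server if pasted into the Use SSL field.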
Prerequisites for configuring LDAP user accounts
By default the library has three predefined user accounts: administrator, security, and user. When LDAP
servers and users are configured, the RMI and OCP login screens show the LDAP users along with the
predefined users.
Each LDAP user is assigned a role based on the predefined user accounts, and this role determines the
access level for the LDAP user.
Procedure
• Verify that the passwords for the predefined administrator and security user accounts are set.
• Using LDAP does not disable the predefined user accounts. For library security, ensure that the
passwords for the predefined administrator and security user accounts are always set.