EasyManua.ls Logo

IBM BladeCenter Management Module - Page 49

IBM BladeCenter Management Module
78 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Root
DN
The
distinguished
name
for
the
root
entry
of
the
directory
tree
on
the
LDAP
server.
An
example
might
look
like
dn=companyABC,dn=com.
User
Search
Base
DN
As
part
of
the
user
authentication
process,
it
is
necessary
to
search
the
LDAP
server
for
one
or
more
attributes
associated
with
a
particular
user.
Any
search
request
must
specify
the
base
distinguished
name
for
the
actual
search.
The
User
Search
Base
DN
field
specifies
the
base
distinguished
name
that
is
used
to
search
the
user
directory.
An
example
might
look
like
cn=Users,dn=companyABC,dn=com.
If
this
field
is
left
blank,
the
root
distinguished
name
is
used
as
the
search
base.
User
searches
are
part
of
the
authentication
process.
They
are
carried
out
to
retrieve
information
about
the
user
such
as
login
permissions,
callback
number,
and
group
memberships.
For
Version
2.0
LDAP
clients,
be
sure
to
configure
this
parameter;
otherwise,
a
search
using
the
root
distinguished
name
might
not
succeed
(as
seen
on
Microsoft
Windows
®
Server
2003
Active
Directory
servers).
ASM
Group
Filter
This
parameter
is
used
for
group
authentication.
It
specifies
the
set
of
groups
to
which
this
particular
management
module
belongs.
If
left
blank,
group
authentication
is
disabled.
Otherwise,
group
authentication
is
performed
against
this
filter.
The
filter
specified
can
be
a
specific
group
name
(for
example,
RSAWest),
a
wildcard
with
a
prefix
(for
example,
RSA*),
or
a
wildcard
(specified
as
*).
If
a
specific
name
is
used,
this
management
module
belongs
only
to
this
group.
If
a
prefix
filter
is
used
(for
example,
RSA*),
this
management
module
belongs
to
any
group
whose
first
three
letters
are
RSA.
If
a
wildcard
filter
(
*
)
is
used,
then
this
management
module
belongs
to
all
groups.
The
default
filter
is
RSA*.
Group
authentication
is
performed
after
user
authentication
(where
a
user
ID
and
password
are
verified).
Group
authentication
refers
to
the
process
of
verifying
that
a
user
is
a
member
of
at
least
one
group
associated
with
this
management
module.
For
example,
assume
the
group
filter
is
set
to
RSA*.
If
the
user
belongs
to
two
groups,
for
example,
Engineering
and
RSAWest,
group
authentication
passes
because
the
user
belongs
to
a
group
(RSAWest)
that
matches
the
filter
RSA*.
If
the
groups
to
which
the
user
belong
do
not
match
the
filter,
group
authentication
fails
and
the
user
is
not
allowed
to
access
the
management
module.
Note
that
if
the
group
filter
is
*,
then
group
authentication
will
automatically
succeed
because
any
group
to
which
the
user
belongs
will
match
this
wildcard.
Binding
Method
For
initial
binds
to
the
LDAP
server
during
user
authentication,
choose
from
the
following
options:
Anonymous
authentication.
A
bind
attempt
is
made
without
a
client
distinguished
name
or
password.
If
the
bind
is
successful,
a
search
will
be
requested
to
find
an
entry
on
the
LDAP
server
for
the
user
attempting
to
log
in.
If
an
entry
is
found,
a
second
attempt
to
bind
will
be
attempted,
this
time
with
the
distinguished
name
and
password
of
the
user.
If
this
succeeds,
the
user
has
passed
the
user
authentication
phase.
Group
authentication
is
then
attempted
if
it
is
enabled.
Chapter
3.
Using
the
management-module
Web
interface
39

Table of Contents

Related product manuals