12: User Authentication
SLC™ Console Manager User Guide 182
3. In the User Rights section, select the user group to which LDAP users will belong:
Encrypt Messages Select Start TLS or SSL to encrypt messages between the SLC or SLB unit and the
LDAP server. If Start TLS is selected, the port will automatically be set to 389 and
the StartTLS extension will be used to initiate a secure connection; if SSL is
selected, the port will automatically be set to 636 and a SSL tunnel will be used for
LDAP communication. The port number can be changed to a non-standard LDAP
port; if the port number is set to anything other than 636, Start TLS will be used as
the encryption method. Disabled by default.
A certificate can be uploaded to the SLC or SLB unit for peer authentication. The
certificate file is a file of CA certificates in PEM format. The file can contain several
CA certificates identified by:
-----BEGIN CERTIFICATE-----
(CA certificate in base64 encoding)
-----END CERTIFICATE-----
sequences. Before, between, and after the certificates text is allowed which can be
used e.g. for descriptions of the certificates.
Custom Menu If custom menus have been created, you can assign a default custom menu to
LDAP users. (See Custom Menus on page 209.)
Escape Sequence A single character or a two-character sequence that causes the SLC unit to leave
direct (interactive) mode. (To leave listen mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the
connect direct command on the
command line interface when the endpoint of the command is deviceport, tcp, or
udp.
Break Sequence A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC console manager and enter their login and password. Once the SLC
unit authenticates them, the modem hangs up and dials them back. Disabled by
default.
DIal-back Number The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the
connect
direct
command.
Listen Port
The ports users are able to monitor using the
connect listen command.
Clear Port Buffers
The ports whose port buffer users may clear using the
set locallog clear
command.
Group Select the group to which the LDAP users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Networking,
Date/Time, Reboot & Shutdown, and Diagnostics & Reports.
Administrators: This group has all possible rights.
To Next Page
Loading...
Need help?
General