Filter
Top Products
Configuring Authentication
» For detailed instructions for setting up an Active Directory server, see “Using the Active Directory
LDAP Service” on page 5-13.
» For detailed instructions for setting up a Netscape or iPlanet server, see “Using a Netscape or iPlanet
Directory Service” on page 5-14.
Using the Active Directory LDAP Service
This section guides you through the configuration choices for authenticating using Active Directory
LDAP.
Step 1. Type the basic information for your Active Directory service:
a. Type a name for this authentication service. This can be any alphanumeric string.
b. Type the fully-qualified host name or IP address of the server where the Active Directory is
located.
c. If the LDAP server uses a port other than UPD port 389, enter the appropriate number.
d. Type the base Distinguished Name (DN) that should be appended to the username attribute
for authentication requests. For Active Directory, this is the domain name, in the form
dc=<domaincomponent>,dc=<domaincomponent>, with no spaces between the components
of the domain name.
For example, if your NT domain is XYZCorp.com, the Base DN would be:
dc=XYZCorp,dc=com
e. In the Username field, type the name of the attribute that contains a user’s logon name. For
Active Directory, this is “
sAMAccountName”. The username is case sensitive.
f. If you want to retrieve group information, type the Group attribute into the Group field. For
Active Directory, this is the attribute “
memberof”.
g. The timeout value specifies the length of time the 700wl Series system waits for a response
to an authentication request before it abandons the request. The default is 120 seconds. You
can change this as appropriate for your situation.
Step 2. Specify the options for your server:
a. You should use SSL for a secure connection, since with User Binding the 700wl Series system
sends user passwords to Active Directory with the authentication request.
Note: This requires that you have SSL enabled on your Active Directory server.
b. Active Directory is based on LDAP v3, so leave the second checkbox (Use LDAPv2)
unselected.
Step 3. Select the Bind Method for this server:
• Select
User bind if you are using Active Directory for user authentication (providing a
username as the DN to be authenticated.
• Select
Non-user bind if you are using Active Directory only for external group retrieval, or if
you need to use aliasing because the user’s logon ID is not used as their DN. In either of these
cases you must bind as the rootDN. You cannot use anonymous binding with an Active
Directory service.
HP ProCurve Secure Access 700wl Series Management and Configuration Guide 5-13