HP (Hewlett-Packard) 700wl Series Switch User Manual


 
Configuring Authentication
To use User binding for authentication where the user logon ID is used as the DN, do the
following:
a. Select User bind from the drop-down field.
b. Enter the following into the User bind string field:
<domain name>\%s
For example, for domain XYZCorp.com, this would be XYZCorp\%s.
To use Non-User binding you must bind with a Rootdn and Rootpw. You cannot use
anonymous binding with Active Directory.
a. Select Non-User bind from the drop-down field.
b. If the user logon name is not the same as the DN, select the first radio button (Use the username field as an alias ...).
c. If the user logon name is used as the DN, select the second radio button (Use the returned password for authentication).
d. Specify the field that contains the user password. Typically this will be userPassword.
e. Specify the encryption method. By default the Active Directory directory service uses SHA.
f. Select Bind using rootdn/rootpw.
g. Enter the Rootdn and Rootpw for your database.
Step 4. When finished, click Save.
Using a Netscape or iPlanet Directory Service
This section guides you through the configuration choices for authenticating a Netscape or iPlanet
directory service.
Step 1. Type the basic information about this LDAP authentication service:
a. Type a name for this authentication service. This can be any alphanumeric string.
b. Type the fully-qualified host name or IP address of the server where the LDAP directory is
located.
c. If the server uses a port other than UDP port 389, enter the appropriate number.
d. Type the base Distinguished Name (DN) that should be appended to the username attribute
for authentication requests.
e. Type the Username attribute (commonly “uid”) that contains a user’s logon name.
Step 2. If you want to retrieve group identity information to be used to match an Identity Profile, fill in
the following fields:
a. If you want to retrieve group information, specify the field that will contain the group membership information in the record to be retrieved (typically cn).
b. Type the following string into the Additional Identity Search field:
(&(objectclass=groupofuniquenames)(uniquemember=%s))
The user DN returned from the initial search (for authentication) is substituted for the %s in
this statement.
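The %s substitution in the Additional Identity Search string, worked through as an added example (not code from the HP guide or the 700wl firmware): it builds the filter with RFC 4515 escaping of the user DN, since a DN may contain characters that are special in filter syntax, and evaluates it against a small in-memory stand-in for the directory. The function names, the sample DN and the sample group entries are assumptions constructed for illustration; the guide does not say how the switch itself escapes the substituted value.

```python
import re

# RFC 4515 characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# The Additional Identity Search string from the guide.
GROUP_SEARCH = "(&(objectclass=groupofuniquenames)(uniquemember=%s))"


def escape_filter_value(value):
    """Escape a value so it cannot alter the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_group_filter(user_dn, template=GROUP_SEARCH):
    """Substitute the user DN from the authentication search for %s."""
    if template.count("%s") != 1:
        raise ValueError("template must contain exactly one %s")
    return template.replace("%s", escape_filter_value(user_dn))


# One "(attr=value)" equality clause; the value may hold \hh escapes.
_CLAUSE = re.compile(r"\(([^=()&|!]+)=((?:[^()\\*]|\\[0-9a-fA-F]{2})*)\)")


def _unescape(value):
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)


def matching_groups(ldap_filter, entries, group_field="cn"):
    """Evaluate an AND-of-equalities filter against in-memory entries
    (a stand-in for the directory) and return the group field values."""
    clauses = [(a.lower(), _unescape(v).lower()) for a, v in _CLAUSE.findall(ldap_filter)]
    found = []
    for entry in entries:
        if clauses and all(v in [x.lower() for x in entry.get(a, [])] for a, v in clauses):
            found.extend(entry.get(group_field, []))
    return found


# Constructed sample data, not from the guide.
USER_DN = "uid=jdoe (ops),ou=People,o=XYZCorp"
ENTRIES = [
    {"objectclass": ["groupofuniquenames"], "cn": ["Operators"], "uniquemember": [USER_DN]},
    {"objectclass": ["groupofuniquenames"], "cn": ["Admins"],
     "uniquemember": ["uid=root,ou=People,o=XYZCorp"]},
]

if __name__ == "__main__":
    print(build_group_filter(USER_DN))
    print(matching_groups(build_group_filter(USER_DN), ENTRIES))
```

The values returned from the group field (cn here) are what would be compared against Identity Profiles.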
5-14 HP ProCurve Secure Access 700wl Series Management and Configuration Guide