Filter
Top Products
Configuring Rights
To edit a Network Equipment entry in the built-in database, do the following:
» Edit the fields to change the descriptive name or the MAC address.
» To change the Identity Profile to which the equipment is assigned, remove the check from the old
Identity Profile and check the checkbox for the new Identity Profile to which this equipment should be
assigned.
» When you have finished, click Save. This replaces the original equipment entry with the modified
information.
Click
Cancel to return to the previous page without making any further changes.
Retrieving MAC Addresses from an LDAP Database
The 700wl Series system’s built-in database can be used to keep the MAC addresses of Access Points and
other client devices that cannot be authenticated using a user ID and password. If an organization has a
large number of these types of clients, it may be impractical to add or update by hand the MAC addresses
in the Network Equipment list of the built-in database. In addition, some organizations may already keep
an inventory of such devices in an external database. The MAC Address Retrieval feature allows the
built-in database to be populated and periodically updated with MAC address users as maintained in an
external LDAP database.
Setting up MAC address retrieval requires several steps:
• Configuration of an LDAP authentication service (with non-user binding)
• Adding the LDAP service to a list of services from which MAC addresses can be retrieved
• Configuring the retrieval specifications, including the interval for refreshing the MAC addresses in the
built-in database
• Enabling retrieval from the specified LDAP services
In addition to retrieving MAC addresses on a scheduled basis, you can also initiate an immediate
retrieval to update addresses upon demand.
This feature assumes that the LDAP database has one record that contains a set of attributes whose values
define all the MAC addresses to be retrieved. For example, suppose you have a record, defined with
objectClass=GroupOfUniqueNames, and identified by cn=MACS, that contains MAC addresses in the
attribute
uniqueMember.
If you do not have group membership information kept in the LDAP directory, then the value of
uniqueMember could simply be the MAC address. In this case, the record identified by cn=MACS could
contain the following values for uniqueMember:
uniqueMember: 000122034a5b
uniqueMember: 01234567891a
uniqueMember: 22314a6721b7
These values will be taken as the MAC addresses and added to the built-in database.
If the value of the attribute has multiple components, the first component is assumed to be the MAC
address itself; subsequent components may optionally be included to define a search string that identifies
4-24 HP ProCurve Secure Access 700wl Series Management and Configuration Guide