Filter
Top Products
Configuring Rights
This means that the Rights Manager will use the search string found in the initial
search (for example, the value returned from the
uniqueMember attribute in the MACS
record) to search for the individual MAC address record.
Step 2.Type mymember in the field labeled Identity Information Attribute.
The Rights Manager will look for instances of the attribute mymember, and take the
values as group names. Then, assuming that these names match groups that exist in
the Rights Manager, the MAC address user will be made a member of these groups.
For example, this configuration will return the groups Contractors and DBSpec for MAC
Address User
00:01:22:03:4a:5b.
Searching for Groups with MAC Address Users as Members
The second method for retrieving Identity Profile membership assumes that you have
multiple group objects, each of which contains a list MAC address users. Identity Profile
membership is retrieved by searching for each MAC Address, then returning the names of
any groups in which that MAC address was found.
For example, suppose you have a second group in your LDAP database, identified by cn
CONTRACTORS, also defined with objectClass=groupofuniquenames, that also contains
MAC addresses in instances of the attribute
uniqueMember.
In this case, do the following:
Step 1.Select Search for MAC Addresses‘ assigned Identities.
Step 2.In the Search String field, type a search string to use to find records that contain the
MAC address in a specified attribute.
For example, to search for MAC addresses in the two records discussed in this
section (identified by
cn=MACS and cn=CONTRACTORS) you would use the search
string:
(&(objectclass=groupofuniquenames) (uniquemember=%s))
This searches records of class “groupofuniquenames” for an attribute
“uniquemember” whose value matches the current MAC address as retrieved by the
initial search.
Step 3.In the Identity Name attribute field, type cn. This returns the value of the cn attribute,
which is the name of the group in which the matching uniquemember was found.
This configuration will return the groups MACS and CONTRACTORS for MAC Address
User 00:01:22:03:4a:5b.+
Connection Profiles
A client is associated with a Connection Profile based on the Access Controller port through which he
accesses the 700wl Series system, the VLAN to which he belongs (if any) and the day, date and time that
he accesses the system. The default Connection Profile, “Any” includes clients from any Access
Controller port, belonging to any VLAN or no VLAN, at any time, on any day.
HP ProCurve Secure Access 700wl Series Management and Configuration Guide 4-29