Filter
Top Products
Users: Remote Servers (User Remote Authentication)
This screen allows you to authenticate the users that try to connect to the switch from centralized
servers running a RADIUS service or hosting a directory that can be accessed through the
LDAP protocol (Active Directory, for example). User Remote Authentication lets you integrate
the switch into your global enterprise user management. By default, Remote Authentication
is congured as “None”; i.e., all remote authentications are disabled, in which case the
authentication is all done locally by using the database on the switch only. After you’ve made
all modications, click “Store Settings,” then “Apply Settings”/“Restart Servers.”
Authentication Server Type
From the drop-down menu, enable the remote server authentication either by LDAP or the
RADIUS server (or select “None” to disable the remote authentication support). Before
proceeding with subsequent settings on this screen, check with your network administrator for
the availability of either an LDAP server or a RADIUS server.
Directory Server Using LDAP
SSL Access: Select to enable SSL access of the LDAP authentication. NOTE: Make sure your
LDAP server supports SSL, and remember, too, that you need to install a distinct set of
certicates — ldapcert.crt and ldapkey.pem — on the switch by uploading them through the
Security screen. Normally these certicates are generated by the directory server itself.
Port: Enter the port number used in LDAP authentication. By default, it is set to Port 389.
LDAP Server: Enter the IP address of the directory server.
Second Server (if any): If there is a second LDAP server available for authentication, enter its
IP address here.
User Base Search DN: Make an appropriate entry here, which is characteristic of the LDAP
server you use for authentication. The default is cn=users, dc=abc, dc=kle, dc=com, but you
should enter your own. (If unsure what to enter, contact your LDAP server administrator.)
51
MANAGEMENT OVER A BROWSER