4: Advanced Operations
Memberof<Enter>
Setting the group membership value type:
The Set LDAP GroupType command is used to specify whether the values of group
Membership Attribute represent the Distinguished Name (DN) of a group or just the
name of the group.
To set the group membership value type:
2. At the command prompt, type ldap grouptype, followed by DN or Name and
press Enter.
Example
The following sets the group membership attribute for MSAD to ‘memberof’:
SLP: set ldap grouptype DN<Enter>
Setting the user search base Distinguished Name (DN):
The Set LDAP UserBaseDN command is used to set the base (DN) for the login
username search. This is where the search will start, and will include all subtrees.
Maximum size is 100 characters.
To set the user search base DN:
1. At the command prompt, type ldap userbasedn, and press Enter. At the
following prompt, type the search base DN and press Enter.
Example
The following sets the DN User search base for MSAD to
‘cn=Users,dc=lantronixlantronix,dc=com’:
SLP: set ldap userbasedn<Enter>
Enter User Search Base DN (Max characters
100):
cn=Users,dc=lantronix,dc=com<Enter>
Setting the authentication order:
The Set Authorder command sets the authentication order for remote authentication
sessions. The SLP supports two methods for authentication order-Remote-
>
Local
and Remote Only.
The Remote -
>
Local method first attempts authentication with the Active Directory
server and if unsuccessful then with the local user database on the SLP device.
The Remote Only method attempts authentication only with the Active Directory
server and if unsuccessful, access is denied.
Note: With the Remote Only method, if authentication fails due to a communication
failure with the Active Directory server, automatic authentication fallback will occur to
authenticate with the local user data base on the SLP device.
To set the authentication order:
1. At the command prompt, type ldap authorder, followed by remotelocal or
remoteonly and press Enter.
Note: Lantronix recommends NOT setting the authentication order to Remote Only
until the LDAP has been fully configured and tested.
SecureLinx SLP Remote Power Manager 81