Filter
Top Products
80 DOMINION KX II USER GUIDE
8. DN of administrative User. Distinguished Name of administrative user; consult your
authentication server administrator for the appropriate values to type into this field. An
example DN of administrative User value might be:
“cn=Administrator,cn=Users,dc=testradius,dc=com”.
9. User Search DN. This describes the name you want to bind against the LDAP, and where in
the database to begin searching for the specified Base DN. An example Base Search value
might be: “cn=Users,dc=raritan,dc=com”. Consult your authentication server administrator
for the appropriate values to enter into these fields.
10. Type of external LDAP server. Select from among the options available:
• Generic LDAP Server.
• Microsoft Active Directory. Active Directory is an implementation of LDAP directory
services by Microsoft for use in Windows environments.
11. Active Directory Domain. Type the name of the Active Directory Domain.
Returning User Group Information from Active Directory Server
The Dominion KX II supports user authentication to Active Directory (AD) without requiring that
users be defined locally on the KX II. This allows Active Directory user accounts and passwords
to be maintained exclusively on the AD server. Authorization and AD user privileges are
controlled and administered through the standard KX II policies and user group privileges (that
are applied locally to AD user groups).
Note: If you are an existing Raritan, Inc. customer, and have already configured the Active
Directory server by changing the AD schema, Dominion KX II still supports this configuration,
and you do not need to perform the following operations. Please refer to
Appendix B: Updating
the LDAP Schema for information about updating the AD LDAP schema.
To enable your AD server on the Dominion KX II:
1. Using Dominion KX II, create special groups and assign proper permissions and privileges to
these groups. For example, create groups such as: KVM_Admin, KVM_Operator.
2. On your Active Directory server, create new groups with the same group names as in the
previous step.
3. On your AD server, assign the Dominion KX II users to the groups created in step 2.
4. From the Dominion KX II, enable and configure your AD server properly. Please refer to
Implementing LDAP Remote Authentication.
Important Notes:
• Group Name is case sensitive.
• The Dominion KX II provides the following default groups which can not been changed
or deleted: Admin and <Unknown>. Please verify that your Active Directory server does
not
use the same group names.
• If the group information returned from the Active Directory server does not match a KX
II group configuration, the Dominion KX II automatically assigns the group of
<Unknown> to users who authenticate successfully.