Filter
Top Products
254
Note: The procedures in this chapter should be attempted only by
experienced users.
In This Chapter
Returning User Group Information ........................................................254
Setting the Registry to Permit Write Operations to the Schema ...........255
Creating a New Attribute
.......................................................................255
Adding Attributes
to the Class ...............................................................256
Updating the
Schema Cache.................................................................258
Editing rciusergroup Attributes for User Members
................................258
Returning User Group Information
Use the information in this section to return User Group information (and
assist with authorization) once authentication is successful.
From LDAP
When an LDAP/LDAPS authentication is successful, the Dominion KX II
determines the permissions for a given user based on the permissions of
the user's group. Your remote LDAP server can provide these user group
names by returning an attribute named as follows:
rciusergroup attribute type: string
This may require a schema extension on your LDAP/LDAPS server.
Consult your authentication server administrator to enable this attribute.
From Microsoft Active Directory
Note: This should be attempted only by an experienced Active Directory
administrator.
Returning user group information from Microsoft's Active Directory for
Windows 2000 Server requires updating the LDAP/LDAPS schema. See
your Microsoft documentation for details.
1. Install the schema plug-in for Active Directory. See Microsoft Active
Directory documentation for instructions.
2. Run Active Directory Console and select Active Directory Schema.
Appendix B
Updating the LDAP Schema