Filter
Top Products
TANDBERG Gatekeeper User Guide
Page 38 of 105
8.2. Authentication
The TANDBERG Gatekeeper can use a user name and password based challenge-response scheme to
permit registrations. For details of how to configure your endpoint with the appropriate information,
please consult your endpoint manual.
The Gatekeeper supports the ITU H.235 specification [1] for authenticating the identity of network
devices with which the Gatekeeper communicates.
In order to verify the identity of a device, the Gatekeeper needs access to the password information. This
credential information may be stored in a local database on the Gatekeeper or obtained from an LDAP
Directory Server.
8.2.1. Authentication using a local database
To configure the Gatekeeper to use the local database of credentials during authentication, either use
the command line interface and issue the following commands:
xConfiguration Authentication Mode: On
xConfiguration Authentication Database: LocalDatabase
or use the web interface via Gatekeeper Configuration > Authentication, setting Authentication mode to
On and the Authentication database to LocalDatabase.
Viewing credentials
To show the credentials in the local database, either use the command line interface and issue the
following command:
xConfiguration Authentication Credential
or use the web interface via Gatekeeper Configuration > Credentials.
Managing credentials
Each credential in the local database has a username and a password. To manage the credentials in the
local database, either use the command line interface to issue the following commands:
xcommand CredentialAdd <user name> <password>
xcommand CredentialDelete <credential index>
or use the web interface via Gatekeeper Configuration > Credentials. From here you can either add a
new credential by selecting Add New Credential, or manage an existing credential by highlighting it and
selecting Edit or Delete.
8.2.2. Authentication using an LDAP server
Authentication information can be obtained from an LDAP server. The directory on the LDAP server
should be configured to implement the ITU H.350 specification [2] to store H.235 credentials for devices
that the Gatekeeper communicates with. The directory should also be configured with the H.323 aliases
of endpoints that will register with the Gatekeeper.
For instructions on how to configure common third party LDAP servers, see Appendix B.
To configure the Gatekeeper to use the LDAP server directory during authentication, either use the
command line interface to issue the following commands:
xConfiguration Authentication Mode: On
xConfiguration Authentication Database: LDAPDatabase
or use the web interface via Gatekeeper Configuration > Authentication, setting Authentication mode to
On and Authentication database to LDAPDatabase.