Tripp Lite B022-U08-IP Switch User Manual


  Open as PDF
of 59
 
45
7. Administration
(
continued
)
7.3.4 ANMS
TheAdvancedNetworkManagementSettings(ANMS)pageallows
you to set up login authorization management from an external source.
From this screen, administrators can set up remote management via
RADIUSand/orLDAP/S,andsetuptheaccessportandMACaddress
fortheWindows-basedlogserver.
RADIUS Settings
ToallowauthorizationforaRADIUSserver,dothefollowing:
1. Check the Enable checkbox.
2. Fill in the Primary RADIUS Server IP and access Port, and the
Alternate RADIUS Server IP and access Port.
3. In the Timeout (seconds) field, set the time in seconds that the
KVMwaitsforareplyfromtheRADIUSserverbeforeittimesout.
4. IntheRetriesfield,enterthenumberoftimesyouwanttheKVM
totryandreconnectwiththeRADIUSserverbeforeitgivesup.
5. In the Shared Secret field, key in the character string that you want to
useforauthenticationbetweentheKVMandtheRADIUSServer.
6. OntheRADIUSserver,settheaccessrightsforeachuser
according to the information in the table:
Character Description
C Gives the corresponding account administrator privileges.
W Gives the corresponding account access to the KVM
switch via the Windows browser and non-browser
applications.
J Gives the corresponding account access to the KVM
switch via the Java browser and non-browser applications.
L Gives the corresponding account access to the log server
on the Web Management Interface.
V Gives the corresponding account view-only access to all
ports on the KVM switch.
PN/xxxx Denies the corresponding account access to a port.
SN/xx Denies the corresponding account access to a station.
PV/xxxx Gives the corresponding account view-only access to a
port.
SV/xx Gives the corresponding account view-only access to a
station.
PF/xxxx Gives the corresponding account full access to a port.
SF/xx Gives the corresponding account full access to a station.
RADIUSServeraccessrightsexamplesaregiveninthefollowingtable:
RADIUS
Access
Rights Description
C The corresponding account has administrator access to
the KVM.
W, J, L The corresponding account can access the system
via the Windows and Java browser and non-browser
applications, and can access the log server on the Web
Management Interface.
PN/0102 The corresponding account is denied access to port 2 on
station 1.
PF/A The corresponding account is given full access to all
ports on the installation.
SV/02 The corresponding account is given view-only access to
station 2.
Note: Characters are not case sensitive. Characters are comma
delimited.
ANMS – LDAP/S
ToallowauthenticationandauthorizationviaLDAP/S,dothe
following:
1. ChecktheEnableLDAPAuthenticationcheckbox.
2. SelectLDAPorLDAPS.
3. Determinewhethertoenableauthorizationornot.
• If the Enable Authorization checkboxischecked,theLDAP/S
server directly returns a ‘permission’ attribute and authorization
fortheaccountthatisloggingin.Withthisselection,theLDAP
schema must be extended.
• If the Enable Authorization checkboxisnotchecked,theLDAP/S
server indicates whether the account that is logging in is a
memberoftheKVMAdminGroupornot.Ifyes,theaccount
has full access rights. If no, the account has user access rights
(See the User Management section of this manual for details on
account permissions).
4. EntertheappropriateIPaddressandaccessportfortheLDAPor
LDAPSserverintheLDAPServerIPandPortelds.Thedefault
portnumberforLDAPis389,andis636forLDAPS.
5. In the Timeout (Seconds) field, enter the time in seconds that the
KVMwaitsforanLDAPorLDAPSserverreplybeforeittimesout.
6. ConsulttheLDAP/Sadministratorabouttheappropriate
entry for the LDAP Administrator DN field. For example, the
entrymightlooklikethis:cn=LDAPAdmin,ou=B022-U08-
IP,dc=tripplite,dc=com
7. In the LDAP Admin Passwordeld,keyintheLDAPadministrator’s
password.
 previous next