Filter
Top Products
Chapter 44 AAA Server
ZyWALL USG 300 User’s Guide
752
organizational boundaries. The following figure shows a basic directory structure
branching from countries to organizations to organizational units to individuals.
Figure 506 Basic Directory Structure
Distinguished Name (DN)
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value
pairs separated by commas. The leftmost attribute is the Relative Distinguished
Name (RDN). This provides a unique name for entries that have the same “parent
DN” (“cn=domain1.com, ou=Sales, o=MyCompany” in the following examples).
cn=domain1.com, ou = Sales, o=MyCompany, c=US
cn=domain1.com, ou = Sales, o=MyCompany, c=JP
Base DN
A base DN specifies a directory. A base DN usually contains information such as
the name of an organization, a domain name and/or country. For example,
o=MyCompany, c=UK where o means organization and c means country.
Bind DN
A bind DN is used to authenticate with an LDAP/AD server. For example a bind DN
of cn=zywallAdmin allows the ZyWALL to log into the LDAP/AD server using the
user name of zywallAdmin. The bind DN is used in conjunction with a bind
password. When a bind DN is not specified, the ZyWALL will try to log in as an
anonymous user. If the bind password is incorrect, the login will fail.
Finding Out More
• See Section 7.7.3 on page 146 for an example of how to set up user
authentication using a radius server.
Root
US
Japan
Sprint
UPS
NEC
Sales
RD3
QA
CSO
Sales
RD
Countries
Organizations
Organization Units
Unique
Common
Name (cn)