ZyXEL Communications 100 Series Network Router User Manual


 
Chapter 39 AAA Server
ZyWALL USG 100/200 Series User’s Guide
RADIUS (Remote Authentication Dial-In User Service) is a popular protocol for
authenticating users by means of an external or built-in RADIUS server.
RADIUS authentication allows you to validate a large number of users from a central
location.
Finding Out More
See Section 6.5.3 on page 149 for an example of how to set up user authentication using a
RADIUS server.
39.2 Active Directory or LDAP Default Server Screen
Directory Structure
The directory entries are arranged in a hierarchical order much like a tree structure. Normally,
the directory structure reflects the geographical or organizational boundaries. The following
figure shows a basic directory structure branching from countries to organizations to
organizational units to individuals.
Figure 463 Basic Directory Structure
Distinguished Name (DN)
A DN uniquely identifies an entry in a directory. A DN consists of attribute-value pairs
separated by commas. The leftmost attribute is the Relative Distinguished Name (RDN). This
provides a unique name for entries that have the same “parent DN” (“cn=domain1.com,
ou=Sales, o=MyCompany” in the following examples).
cn=domain1.com, ou=Sales, o=MyCompany, c=US
cn=domain1.com, ou=Sales, o=MyCompany, c=JP
Base DN
A base DN specifies a directory. A base DN usually contains information such as the name of
an organization, a domain name and/or country. For example, o=MyCompany, c=UK where
o means organization and c means country.
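
The DN and base DN rules above, as an added Python example (not from the ZyXEL manual or firmware): it splits a DN into attribute-value pairs, returns the RDN, and checks pair by pair whether an entry lies under a base DN, so differences in spacing and case do not change the result. The function names and the base DN "O=mycompany, C=us" are assumptions; multi-valued RDNs (+) and hex escapes are not handled.

```python
def split_dn(dn):
    """Return the DN's (attribute, value) pairs, leftmost pair (the RDN) first."""
    parts, buf, escaped = [], [], False
    for ch in dn:
        if escaped:                 # the character after a backslash is literal
            buf.append(ch)
            escaped = False
        elif ch == "\\":
            buf.append(ch)
            escaped = True
        elif ch == ",":             # an unescaped comma ends one pair
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    pairs = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"not an attribute=value pair: {part!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs


def _key(pairs):
    # Assumption: values compare case-insensitively, as cn/ou/o/c normally do.
    return [(a, v.casefold()) for a, v in pairs]


def rdn(dn):
    """Leftmost attribute=value pair of the DN."""
    attr, value = split_dn(dn)[0]
    return f"{attr}={value}"


def is_under_base(dn, base_dn):
    """True if the entry's trailing pairs equal the base DN's pairs."""
    entry, base = _key(split_dn(dn)), _key(split_dn(base_dn))
    return len(entry) >= len(base) and entry[-len(base):] == base


# The page's two example DNs; the base DN used below is constructed for the example.
US = "cn=domain1.com, ou = Sales, o=MyCompany, c=US"
JP = "cn=domain1.com, ou = Sales, o=MyCompany, c=JP"

if __name__ == "__main__":
    print("RDN:", rdn(US))
    for dn in (US, JP):
        print(dn, "->", is_under_base(dn, "O=mycompany, C=us"))
```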
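[Figure 463 (diagram not reproduced): a tree from Root through Countries (c), Organizations (o) and Organization Units (ou) down to the Unique Common Name (cn). Node labels: US, Japan; Sprint, UPS, NEC; Sales, RD3, QA, CSO, Sales, RD.]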