Support User Manuals

Raritan Computer Home Security System Home Security System User Manual

Open as PDF

of 384

161

In This Chapter

Authentication and Authorization (AA) Overview ..................................161

Distinguished Names for LDAP and AD

................................................162

Specifying Modules for Authentication and Authori

zation.....................163

Establishing Order of External AA Serv

ers ...........................................163

AD and CC-SG Overview

......................................................................164

Adding an AD Module to CC-SG

...........................................................164

Editing an AD Module

............................................................................168

Importing AD User Groups

....................................................................169

Synchronizing AD with CC-SG..............................................................170

About LDAP and CC-SG

.......................................................................173

Add an LDAP (Netscape) Modul

e to CC-SG.........................................173

About TACACS+ and CC-SG

................................................................177

Add a TACACS+

Module.......................................................................177

About RADIUS and CC-SG

...................................................................178

Add a RADIUS Module

..........................................................................178

Authentication and Authorization (AA) Overview

Users of CC-SG can be locally authenticated and authorized on the CC-

SG or remotely authenticated using the following supported directory

servers:

• Microsoft Active Directory (AD)

• Netscape's Lightweight Directory Access Protocol (LDAP)

• TACACS+

• RADIUS

Any number of remote servers can be used for external authentication.

For example, you could configure three AD servers, two iPlanet (LDAP)

servers, and three RADIUS servers.

Only AD can be used for remote authorization of users.

LDAP implementations use LDAP v3.

Flow for Authentication

When remote authentication is enabled, authentication and authorization

follow these steps:

1. The user logs into CC-SG with the appropriate username and

password.

2. CC-SG connects to the external server and sends the username and

password.

Chapter 12

Remote Authentication

previous next