Filter
Top Products
Chapter 12: Remote Authentication
175
2. Select Base 64 if you want the password to be sent to the LDAP
server with encryption. Select Plain Text if you want the password to
be sent to the LDAP server as plain text.
3. Default Digest: select the default encryption of user passwords.
4. Type the user attribute and group membership attribute parameters
in the User Attribute and Group Membership Attribute fields. These
values should be obtained from your LDAP directory schema.
5. Type the bind pattern in the Bind Username Pattern field.
Check Use bind if you want CC-SG to send the username and
password entered at login to the LDAP server for authentication.
If Use Bind is not checked, CC-SG will search the LDAP server
for the user name, and if found, will retrieve the LDAP object and
locally compare the associated password with the one entered.
On some LDAP servers, the password cannot be retrieved as
part of the LDAP object. Select the Use bind after search
checkbox to instruct CC-SG to bind the password to the LDAP
object again and send it back to the server for authentication.
6. Click OK to save your changes. The new LDAP module appears in
the Security Manager screen, under External AA Servers.
7. Select the Authentication checkbox if you want CC-SG to use the
LDAP module for authentication of users.
8. Click Update to save your changes.
Sun One LDAP (iPlanet) Configuration Settings
If using a Sun One LDAP server for remote authentication, use this
example:
Parameter Name SUN One LDAP Parameters
IP Address/Hostname <Directory Server IP Address>
User Name CN=<Valid user id>
Password <Password>
BaseDN O=<Organization>
Filter (objectclass=person)
Passwords (Advanced Screen) Plain Text
Password Default Digest (Advanced) SHA
Use Bind unchecked
Use Bind After Search Checked