LDAP – Sentry Industries PT22 User Manual

Page 54

LDAP

The Sentry family of products supports Lightweight Directory Access Protocol (LDAP) Version 3. This
support enables authentication with LDAP servers; user accounts do not need to be individually created
locally on each Sentry device.

This allows administrators to pre-define and configure (in each Sentry product and in the LDAP
server) a set of necessary LDAP Groups and the access rights for each. A user's access rights can then be
assigned or revoked simply by making the user a member of one or more pre-defined Sentry LDAP
Groups. User accounts can be added, deleted, or changed in the LDAP server without any changes
needed on individual Sentry products.

Sentry 5.3b LDAP support has been tested in the following environments:

• Microsoft Active Directory (MSAD)

• Novell eDirectory (eDir)

• OpenLDAP

LDAP Command Summary

Command                 Description

Set Authorder           Specifies the authentication order for each new session attempt
Set LDAP                Enables/disables LDAP support
Set LDAP HostIP         Sets the IP address of the Directory Services server
Set LDAP Port           Sets the LDAP server port number
Set LDAP Bind           Specifies the LDAP bind request password type
Set LDAP BindDN         Specifies the user account Fully-Qualified Distinguished Name (FQDN) for binds
Set LDAP BindPW         Specifies the user account password for binds
Set LDAP GroupAttr      Specifies the user class distinguished name (DN) or names of groups a user is a member of
Set LDAP GroupType      Specifies the data type for the Set LDAP GroupAttr command
Set LDAP UserBaseDN     Sets the base distinguished name (DN) for the username search at login
Set LDAP UserFilter     Sets the filter used for the username search at login
Show LDAP               Displays LDAP configurations
Set DNS                 Sets the IP address of the Domain Name server
Ping                    Verifies proper DNS configuration by name resolution
Show Network            Displays network configuration information
Create LDAPGroup        Adds an LDAP group name
Remove LDAPGroup        Deletes an LDAP group name
Add GrouptoLDAP         Grants an LDAP group access to one or more groups
Add OutlettoLDAP        Grants an LDAP group access to one or all outlets
Add PorttoLDAP          Grants an LDAP group access to one or serial ports
Delete GroupfromLDAP    Removes access to one or more groups for an LDAP group
Delete OutlettoLDAP     Removes access to one or more outlets for an LDAP group
Delete PortfromLDAP     Removes access to one or more serial ports for an LDAP group
Set LDAPGroup Access    Sets the access level for an LDAP group
Set LDAPGroup Envmon    Grants or removes privileges to view input and environmental monitoring status
List LDAPGroup          Displays all accessible outlet/groups/ports for an LDAP group
List LDAPGroups         Displays privilege levels for all LDAP groups

• Advanced Operations

Sentry PT22

Installation and Operations Manual