Ad group settings, Figure 98 ad group settings – Raritan Computer CC-SG User Manual
Page 118
104 C
OMMAND
C
ENTER
S
ECURE
G
ATEWAY
A
DMINISTRATOR
G
UIDE
5. Type a user’s attributes in Filter so the search query will be restricted to only those entries
that meet this criterion. The default filter is objectclass=user, which means that only entries
of the type user are searched.
6. Specify the way in which the search query will be performed for the user entry. If you check
Use Bind, CC-SG attempts to connect, or bind, to AD directly with the username and
password supplied in the applet. However, if a username pattern is specified in Bind
username pattern, the pattern will be merged with the username supplied in the applet and
the merged username will be used to connect to the AD server.
For example, if you have cn={0},cn=Users,dc=raritan,dc=com and TestUser has been
supplied in the applet, then CC-SG uses cn=TestUser,cn-Users,dc=raritan,dc=com to
connect to the AD server. Only check Use Bind when the user logging in from the applet has
permissions to perform search queries in the AD server.
7. Check Use Bind After Search to use the username and password you specified in the
General tab to connect to the AD server. The entry is searched in the specified Base DN and
is found if it meets the specified filtering criterion and if the attribute “samAccountName” is
equal to the username entered in the applet. Then, a second connection, or bind, is attempted
using the username and password supplied in the applet. This second bind assures that the
user provided the correct password.
8. Click Next to proceed. The Groups tab opens.
AD Group Settings
In the Groups tab, you can specify the exact location from which you want to import AD user
groups.
Important: You must specify Group settings before you can import groups from AD.
1. Click the Groups tab.
Figure 98 AD Group Settings
2. Specify a Base DN (directory level/entry) under which the groups, containing the user to be
authorized, will be searched.