beautypg.com

Authentication, Authentication using a local database, Authentication using an ldap server – TANDBERG Gatekeeper User Manual

Page 38

background image

TANDBERG Gatekeeper User Guide

Page 38 of 105

8.2.

Authentication

The TANDBERG Gatekeeper can use a user name and password based challenge-response scheme to

permit registrations. For details of how to configure your endpoint with the appropriate information,

please consult your endpoint manual.
The Gatekeeper supports the ITU H.235 specification [1] for authenticating the identity of network

devices with which the Gatekeeper communicates.
In order to verify the identity of a device, the Gatekeeper needs access to the password information. This

credential information may be stored in a local database on the Gatekeeper or obtained from an LDAP

Directory Server.

8.2.1.

Authentication using a local database

To configure the Gatekeeper to use the local database of credentials during authentication, either use

the command line interface and issue the following commands:

xConfiguration Authentication Mode: On

xConfiguration Authentication Database: LocalDatabase

or use the web interface via

Gatekeeper Configuration

>

Authentication

, setting

Authentication mode

to

On

and the

Authentication database

to

LocalDatabase

.

Viewing credentials
To show the credentials in the local database, either use the command line interface and issue the

following command:

xConfiguration Authentication Credential

or use the web interface via

Gatekeeper Configuration

>

Credentials.

Managing credentials
Each credential in the local database has a username and a password. To manage the credentials in the

local database, either use the command line interface to issue the following commands:

xcommand CredentialAdd

xcommand CredentialDelete

or use the web interface via

Gatekeeper Configuration

>

Credentials

. From here you can either add a

new credential by selecting

Add New Credential

, or manage an existing credential by highlighting it and

selecting

Edit

or

Delete

.

8.2.2.

Authentication using an LDAP server

Authentication information can be obtained from an LDAP server. The directory on the LDAP server

should be configured to implement the ITU H.350 specification [2] to store H.235 credentials for devices

that the Gatekeeper communicates with. The directory should also be configured with the H.323 aliases

of endpoints that will register with the Gatekeeper.
For instructions on how to configure common third party LDAP servers, see Appendix B.
To configure the Gatekeeper to use the LDAP server directory during authentication, either use the

command line interface to issue the following commands:

xConfiguration Authentication Mode: On

xConfiguration Authentication Database: LDAPDatabase

or use the web interface via

Gatekeeper Configuration

>

Authentication

, setting

Authentication mode

to

On

and

Authentication database

to

LDAPDatabase

.

See also other documents in the category TANDBERG Hardware: