Administration, Ldap configuration – Tripp Lite B051-000 IP User Manual

22

Administration

LDAP Configuration

(continued)

f) Click Edit to bring up the String Attribute Editor:

g) Replace the value shown with the desired B051-000 permission

attribute value. (See below for details.)

The Permission Attribute Value

is made up of two parts; the IP address of the B051-000 a user will access and a string that indicates the access

rights the user has on the B051-000 at that IP address. The following rules apply to the makeup of the permission attribute value entry:

• An ampersand (&) connects the B051-000’s IP address with the access rights string.

• The access rights string is made up of various combinations of the following characters: c w j l v s. The characters can be entered in upper or

lower case. The meaning of the characters is provided in the Permission String Characters table, below.

• The characters in the access rights string are separated by a comma (,). There are no spaces before or after the comma.

• If a user has access rights to more than one B051-000, each permission segment is separated by a semicolon (;). There are no spaces before or

after the semicolon.

Character

Meaning

C

Grants the user administrator privileges, allowing the user to configure the system.

W

Allows the user to access the system via the Windows Client program.

J

Allows the user to access the system via the Java applet.

L

Allows the user to access log information via the user’s browser.

V

Limits the user’s access to only viewing the video display.

S

Allows the user to use the Virtual Media function.

Access rights examples are given in the table below:

User

Value

Meaning

User1

10.0.0.166&w,v

1. User has Windows Client and View Only rights on a B051-000 with an IP address of 10.0.0.166.
2. User has no rights on any other B051-000 units administered by the LDAP server.

User2

10.0.0.164&s;10.0.0.166&j,c

1. User has Virtual Media rights on a B051-000 with an IP address of 10.0.0.164.
2. User has Java Applet and Administrator rights on a B051-000 with an IP address of 10.0.0.166.
3. User has no rights on any other B051-000 units administered by the LDAP server.

User3

v,l;10.0.0.164&j

1. User has View Only and Log Information rights on all B051-000 units administered by the LDAP server.
2. User has Java Applet rights on a B051-000 with an IP address of 10.0.0.164.

User4

User has no access rights to any B051-000 units administered by the LDAP server.

User5

v,w

User has View Only and Windows Client rights on all B051-000 units administered by the LDAP server.

User6

v;10.0.0.166&;10.0.0.164&c,j

1. User has View Only rights on all B051-000 units administered by the LDAP server, except for the
ones with IP addresses of 10.0.0.166 and 10.0.0.164.
2. User has no access rights on the B051-000 with an IP address of 10.0.0.166.
3. User has Administrator and Java Applet rights on the B051-000 with an IP address of 10.0.0.164.

h) Click OK. When you return to the Attribute Editor page, the

permission entry now reflects the new permissions:

i) Click Apply to save the change and complete the procedure.

j) Repeat Step 3 (Edit Active Directory Users With the Extended

Schema) for any other users you wish to add.