beautypg.com

Avocent Network Device SPC420 User Manual

Page 111

background image

Chapter 6: Authentication Services 91

Click Do Not Use SSL to have authentication performed using unencrypted clear text
instead of SSL encryption. This method is the least secure and automatically sets the Port
Number field to a default port number of 389.

Click Use SSL in Trust All Mode to use SSL encryption for data transmission. All server
certificates will be trusted and automatically accepted by the DSView 3 software for
transmitting data. This SSL method provides medium security and automatically sets the
Port Number field to a default port number of 636.

This encryption mode is not recommended for wide area networks (WANs).

Click Use SSL in Certificate-based Trust Mode to use SSL encryption for data
transmission. The DSView 3 software will approve the server and then the certificate
before transmitting data. This SSL method provides maximum security and automatically
sets the Port Number field to a default port number of 636.

9.

Click Save to save your changes.

If you selected Use SSL in Certificate-based Trust Mode, the Certificates heading will appear
in the side navigation bar. Go to step 8.

If you selected Do Not Use SSL or Use SSL in Trust All Mode, go to step 15.

10. Click Certificates. The Authentication Service Certificate Management - LDAP window will

open and list all servers that belong to the domain. A status of Trusted indicates the certificate
is trusted, based on the certificate policy (see System certificate policy and trust store on
page 47
); Untrusted indicates the certificate cannot be trusted.

11. To register certificates, click the checkbox to the left of the server IP address(es). To select all

server IP addresses on the page, click the checkbox to the left of the IP Address heading.

12. Click Register to register the certificates. The Accept SSL Certificate window will appear.

13. Click Save to store the certificate values to the DSView 3 software database on the host.

The Certificate Management window will open if only one certificate was selected. If more
than one certificate was selected, each will appear in order in subsequent Accept SSL
Certificate windows.

14. To unregister one or more certificates, check the checkbox to the left of the server IP

address(es). To select all server IP addresses on the page, click the checkbox to the left of the
IP Address heading.

15. Click Unregister to unregister the certificates.

16. A confirmation message box will appear. Confirm or cancel the operation.

17. Click Close. The User Authentication Services window will open.

To change user schema settings for the LDAP external authentication service:

1.

Click the Users tab.

2.

Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.