beautypg.com

HP Identity Driven Manager Software Licenses User Manual

Page 125

background image

3-63

Using Identity Driven Manager

Using the User Import Wizard

b.

Select the LDAP

Authentication type to be used with the imported user

data:

c.

Click

Next

to continue to the Authentication details window:

The Authentication details will vary based on the Authentication type
selected; however, all LDAP Authentication methods require the following
information:

Server

– The IP Address or DNS name (fully qualified domain name)

of the LDAP server.

The IP address can be used for Simple, Anonymous, and Kerberos-V5
authentication in non-SSL mode.

Domain

– The domain name that will be used to create the Realm in

IDM.

Base DN

– The Base Distinguished Name. This is the node in the

directory where the search for users will begin. For example, for the
domain "hp.com" the

Base DN

entry would be: dc=hp,dc=com

Authentication Description

Simple

Simple authentication, which is not very secure, sends the
LDAP server the fully qualified DN of the client (user) and
the client's clear-text password.

Digest-MD5

In Digest MD5, the server generates a challenge and the
client responds with a shared secret (password).

Kerberos-V5

Based on Internet standard security, Kerberos V5
authentication is used with either a password or a smart
card for interactive logon.

External-TLS

External authentication uses authentication services
provided by lower level network services such as TLS.

Anonymous

No authentication is required by LDAP server.

This manual is related to the following products: