Adding an ldap server – H3C Technologies H3C Intelligent Management Center User Manual
Page 368
350
The parameter appears only when Remove Prefix or Remove Suffix is selected.
{
Prefix—String to be added before an account name. The prefix is separated from the account
name by a forward slash (/). For example, if you set the prefix to uam for account guest, the
resulting account name is uam/guest.
This parameter appears only when Add Prefix is selected and the LDAP server type is Microsoft
AD.
{
Password Policy—Policy an LDAP user must comply with when modifying the password. This
policy must be consistent with the password policy configured on the LDAP server. This
parameter appears only when the server type is set to Microsoft AD and SSL is used to encrypt
the packets exchanged between UAM and the LDAP server.
Standby Server Information area
{
Address—Domain name or IP address of the standby LDAP server. UAM sends the
authentication requests of LDAP users to this server after the primary LDAP server becomes
unavailable.
{
Server in Use—LDAP server being used for authenticating LDAP users.
{
Auto Back to Primary—When the primary LDAP server becomes unavailable, UAM switches
over to the standby server and starts regularly checking the availability of the primary server.
−
If the Auto Back to Primary setting is Yes, UAM automatically switches back to the primary
server after the server becomes available.
−
If the Auto Back to Primary setting is No, UAM continues to use the standby server.
{
Interval—Minimum interval between a primary-to-standby switchover and an automatic
back-to-primary switchover.
This setting takes effect only when auto back to primary is enabled. UAM can automatically
switch back to the primary server only if the standby server has been working for a period
equal to or longer than this interval since the primary-to-standby switchover.
Adding an LDAP server
1.
Access the LDAP server list page.
2.
Click Add.
3.
Configure basic LDAP server information:
{
Server Name—Enter the LDAP server name, which must be unique in UAM.
{
Version—Select a LDAP protocol version (V2 or V3) from the list.
{
Address—Enter the domain name or IP address of the LDAP server. If the LDAP server has more
than one NIC, enter the IP address of the NIC used for communicating with UAM.
{
Port—Enter the TCP port number to which the LDAP server listens for the packets from UAM. The
default port number is 389, which is used by most LDAP servers.
{
Server Type—Select an LDAP server type: Microsoft AD or General (any server type, including
Microsoft Windows AD).
−
To use Microsoft Windows AD specific functions like AD-based service assignment, you must
set the server type to Microsoft AD. If the server type is set to Microsoft AD, LDAP user
authentication must be performed by the LDAP server.
−
In any other cases, set the server type to General.