H3C Technologies H3C Intelligent Management Center User Manual
Page 371
353
{
Admin Password—Enter the administrator password.
{
User Name Attribute—Enter the attribute description used on the LDAP server for usernames.
{
Password Attribute—Enter the attribute description used on the LDAP server for user passwords.
This parameter does not need to be configured when the Server Type is Microsoft AD, whose
user passwords are not readable.
The password attribute values in UAM correspond to user passwords in the LDAP server. For
more information, see "
Supplementary information for LDAP user passwords stored in UAM
."
{
Password Policy—Policy an LDAP user must comply with when modifying the password. This
policy must be consistent with the password policy configured on the LDAP server. This
parameter appears only when the following requirements are met:
−
The server type is set to Microsoft AD.
−
SSL is used to encrypt the packets exchanged between UAM and the LDAP server.
−
The User must change password at next logon option is selected on the LDAP server.
{
Account Format—Select the way in which UAM handles account names obtained from the LDAP
server:
−
Unchanged—Does not change the account names.
−
Remove Prefix—Removes the prefix of an account name.
−
Remove Suffix—Removes the suffix of an account name.
−
Add Prefix—Adds a prefix before an account name.
{
Delimiter—Enter a case-sensitive string that separates the trimmed characters from the
remaining characters. For example, if you select Remove Prefix and set the delimiter to an at
sign (@) for account [email protected], the remaining account name is test.com. If you select
Remove Suffix and set the delimiter to a dot (.) for the account, the remaining account name is
Jack@test.
The parameter appears only when Remove Prefix or Remove Suffix is selected.
{
Prefix—Enter the prefix to be added before an account name. The prefix is separated from the
account name by a forward slash (/). For example, if you set the prefix to uam for account guest,
the resulting account name is uam/guest.
This parameter appears only when Add Prefix is selected and the LDAP server type is Microsoft
AD.
5.
Configure a standby server.
To provide non-stop services, configure a standby server to provide authentication for the LDAP
users when the primary server is unavailable. The primary to standby switchover takes about one
minute. During this period, all network access requests from LDAP users are rejected. However, the
switchover does not affect any online user.
{
IP Address—Enter the IP address of the standby LDAP server.
{
Server in Use—Select the LDAP server being used for authenticating LDAP users.
{
Auto Back to Primary—Select the option if you want UAM to automatically stop using the
standby server and switch back to the primary server after the server becomes available.
Otherwise, UAM continues to use the standby server. This parameter does not take effect if you
set Server in Use to Standby.
{
Interval—Enter the minimum interval between a primary-to-standby switchover and an
automatic back-to-primary switchover.