H3C Technologies H3C Intelligent Management Center User Manual
Page 380
362
This area appears only when the system parameter Apply for Service by User Group is disabled.
For more information about the Apply for Service by User Group feature, see "
."
The access service list displays the services that have been applied for by the users synchronized
to UAM.
Viewing policy information whose Sync Object is Device Users
To view detailed information about a synchronization policy whose Sync Object is Device Users:
1.
Access the LDAP synchronization policy list page.
2.
Click the name of an LDAP synchronization policy whose Sync Object is set to Device Users.
The Sync Policy Information page appears.
Sync Policy Basic Information area
{
Policy Name—LDAP synchronization policy name.
{
Server Name—LDAP server name.
{
Base DN—Absolute path of the base directory that stores user data in the LDAP server.
{
Sub-Base DN—Absolute path of the subdirectory that stores user data in the LDAP server. UAM
synchronizes only the user data under the specified subdirectory from the server.
{
Filter Condition—Filter criteria for the synchronization policy. Only users that meet these criteria
can be synchronized to UAM.
{
State—Policy usability state: Valid or Invalid.
{
Auto Synchronization—If this option is enabled (Yes), UAM automatically executes the
synchronization policy every day as scheduled. The execution time depends on the system
settings for scheduled daily tasks. If this option is disabled (No), UAM performs synchronization
on an as needed basis.
{
Create Device User—If this option is enabled (Yes), UAM synchronizes users that do not exist in
UAM from the LDAP server, and add these users to UAM database as device management users.
If this option is disabled (No), UAM does not synchronize users in LDAP server that do not exist
in UAM.
{
Synchronize Users in Current Node Only—If this option is enabled (Yes), UAM synchronizes
users directly under the specified sub-base DN, but does not synchronize users in any OU under
the sub-base DN. If this option is disabled (No), UAM synchronizes all users in the sub-base DN,
including users in the OUs in the sub-base DN.
{
Service Group—Service group that the LDAP synchronization policy belongs to. It is always the
same as the service group that the LDAP server is assigned to.
{
Sync Object—Displays Device Users, which indicates that the policy synchronizes users from
LDAP server to UAM as device management users.
Basic Information of Device User area
{
User Name Attribute—Attribute description used on the LDAP server for usernames. UAM uses
the value of the attribute as the username of the LDAP user account when executing the
synchronization policy.
{
Password Attribute—Attribute description used on the LDAP server for user passwords. UAM
uses the value of the attribute as the user password when executing the synchronization policy.
For more information about LDAP user passwords, see "