beautypg.com

H3C Technologies H3C Intelligent Management Center User Manual

Page 101

background image

92

{

Expiration Date—Date when the LDAP user expires and becomes invalid, in the format

YYYY-MM-DD. An empty field indicates that the user will never be expired.

{

Max. Online Users—Maximum number of online users allowed by an LDAP user account.

{

Enable Privilege-Increase Password—Whether privilege-increase password is enabled: Yes or

No.

{

Enable Password Strategy—Whether the password strategy is enabled. If it is enabled, the
requirements of password strategy must be met when device users change a password. If it is

disabled, device users are not controlled by the password strategy when they change a

password. The password strategy does not take effect when TAM operators set passwords for

device users. For information about configuring password strategies, see "12 Configuring
global system settings."

{

Device User Group—Device user group to which the LDAP user belongs.

The Action menu is displayed on the upper-right corner of the LDAP User Information page.
Options are:

{

Refresh—Refresh the LDAP User Information page.

{

Modify—Access the page for modifying the LDAP user.

{

Cancel Account—Cancel the LDAP user account.

{

Add to Blacklist—Add the LDAP user to the blacklist. This link appears only when the LDAP user

is not blacklisted.

{

Remove from Blacklist—Remove the LDAP user from the blacklist. This link appears only when
the LDAP user is blacklisted.

{

Unbind LDAP User—Unbind the LDAP user from the LDAP synchronization policy. After the
operation, the LDAP user becomes a normal device user in TAM.

{

Authentication Log—View the authentication log list of the LDAP user. For more information
about authentication logs, see "

Managing authentication logs

."

{

Authorization Log—View the authorization log list of the LDAP user. For more information about
authorization logs, see "

Managing authorization logs

."

{

Audit Log—View the audit log list of the LDAP user. For more information about audit logs, see
"

Managing audit logs

."

4.

To return to the All Bound User list, click Back.

Binding device users with an LDAP synchronization policy

A device user can be bound with an LDAP synchronization policy in the following ways:

Automatic—The system automatically synchronizes user data from an LDAP server to TAM and
creates corresponding LDAP users during synchronization. These users are automatically bound

with the synchronization policy. For more information, see "

Synchronizing LDAP users

."

Manual—You can manually bind a device user with an LDAP synchronization policy.

To manually bind device users with an LDAP synchronization policy:

1.

Click the User tab.

2.

On the navigation tree, place the pointer over the Expand icon next to Device User > LDAP Users
to expand all LDAP synchronization policies.

3.

Click the name of an LDAP synchronization policy.
The Bound User list displays all device users bound with the policy.

See also other documents in the category H3C Technologies Safety: