Configuring Remote LDAP Authentication
CBH interconnects with the LDAP server to authenticate CBH system user logins.
This topic describes how to configure the LDAP authentication mode.
Constraints
- One-click synchronization of LDAP server users is not supported.
- Identical configurations of two LDAP authentication servers are not allowed. Each LDAP server has unique combination of IP address, port number, and user OU.
Prerequisites
- You have the management permissions for the System module.
- You have obtained the information about the LDAP server.
Procedure
- Log in to the CBH system.
- Choose System > Sysconfig > Authenticate.
Figure 1 Configuring remote authentication
- Click Add in the LDAP Settings area.
LDAP supports the two authentication modes:
- If you select Auth for Auth Mode, configure the parameters by referring to Table 1.
Figure 2 Configuring LDAP authentication
Table 1 LDAP authentication parameters Parameter
Description
Server
Specifies the IP address of the LDAP server.
Status
Specifies whether to enable remote LDAP authentication. Remote LDAP authentication is enabled by default ().
- : LDAP authentication is enabled. Remote LDAP authentication is enabled when the user logs in to the CBH system.
- : LDAP authentication is disabled.
SSL
Specifies whether to enable SSL encryption. SSL encryption is disabled by default ().
- : SSL encryption is disabled.
- : SSL encryption is enabled. After SSL encryption is enabled, data transmitted by synchronized users or authenticated users is encrypted.
Port
Specifies the access port of the remote LDAP server. The default port number is 389.
User OU
Specifies the user organization unit (OU) on the LDAP server.
User Filter
Specifies the users to be filtered out on the LDAP server.
- Select Auth for Auth Mode and configure the parameters by referring to Table 2.
Querying authentication method is included in version V3.3.36.0 and later only. To use this function, upgrade your CBH system to V3.3.36.0 or later by referring to Upgrading the CBH System Version.
Figure 3 Inquire
Table 2 LDAP inquiring mode parameters Parameter
Description
Server
Specifies the IP address of the LDAP server.
Status
Specifies whether to enable remote LDAP authentication. Remote LDAP authentication is enabled by default ().
- : LDAP authentication is enabled. Remote LDAP authentication is enabled when the user logs in to the CBH system.
- : LDAP authentication is disabled.
SSL
Specifies whether to enable SSL encryption. SSL encryption is disabled by default ().
- : SSL encryption is disabled.
- : SSL encryption is enabled. After SSL encryption is enabled, data transmitted by synchronized users or authenticated users is encrypted.
Port
Specifies the access port of the remote LDAP server. The default port number is 389.
Base DN
Base DN of the LDAP server.
Administrator DN
Administrator DN.
Administrator Password
Password of the administrator.
User OU
Specifies the user organization unit (OU) on the LDAP server.
User Filter
Specifies the users to be filtered out on the LDAP server.
- If you select Auth for Auth Mode, configure the parameters by referring to Table 1.
- Click OK. You can then view LDAP authentication configurations in the LDAP server list.
Figure 4 LDAP authentication
Follow-up Operations
- To view details of the configured LDAP authentication, click Details in the Operation column.
- To modify or disable LDAP authentication, click Edit in the Operation column and reconfigure LDAP authentication in the displayed dialog box.
- If the LDAP authentication is no longer required, click Delete in the Operation column to delete it. Deleted authentication information cannot be recovered. Exercise caution when performing this operation.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot