77
WebConsole - Security Options
Click the
LDAP enabled
check box to make the LDAP options available for selection.
When LDAP is enabled, users are authenticated using the configuration set up on the LDAP server.
The “
administrator
” user is handled by the local NetLinx Master, and does not connect to the LDAP server for user verifi-
cation.
If an administrator password change is desired, LDAP must be disabled, the password changed and saved and then LDAP
re-enabled.
Users may not be added or deleted via the web pages when LDAP is enabled.
User access privileges cannot be changed via the web pages.
As users log onto a NetLinx Master, their user name and access privileges are displayed on the User Security Details page
section on page 73). This information is stored in the master’s RAM but is not written to non-volatile
memory, and is lost after rebooting the Master.
If a user is removed from the LDAP directory tree, access is denied, and if that user name is on the master’s User Security
Details web page it is removed.
Accepting Changes
Click the
Accept/Test
button to save changes on this page. Accepting changes is instantaneous and does not require rebooting
the Master.
Testing the Connection to the LDAP Server
After entering and accepting the parameters, the
Accept/Test
button can be used to test the connection to the LDAP server.
This test does a bind to the BIND DN using the Search Password entered.
If the bind is successful, the message
Connection
successful
is displayed.
If the server could not be reached or the bind is unsuccessful, the message
Could not connect to server -- Please check
LDAP URI, BIND DN and Search Password settings
is displayed.
Refer to Appendix A: LDAP Implementation Details in the NetLinx Programming Guide (available at www.amx.com) for additional
information.
IMPORTANT: For the NX-series Masters to work with LDAP over SSL (LDAPS), you must upload a CA server certificate in .pem format
to the Master’s FTP server. The certificate’s file name must be “ldap_ad.pem” and the file must be saved in a folder named “certs”.
Once the file is uploaded, you must reboot the Master for the certificate file to be read and employed by the system. LDAPS requires
Master Firmware version 1.3.78 or greater.
Instruction Manual - Incite Digital Video Presentation Systems