Chapter 12: Remote Authentication
191
5. Type a name for the AD server in the Module name field.
The maximum number of characters is 31.
All printable characters may be used.
The module name is optional and is specified only to distinguish
this AD server module from any others that you configure in
CC-SG. The name is not connected to the actual AD server
name.
6. Click Next to proceed. The General tab opens.
AD General Settings
In the General tab, you must add the information that allows CC-SG to
query the AD server.
Do not add duplicate AD modules. If your users see a message that says
"You are not a member of any group" when attempting to login, you may
have configured duplicate AD modules. Check the modules you have
configured to see if they describe overlapping domain areas.
1. Type the AD domain you want to query in the Domain field. For
example, if the AD domain is installed in the xyz.com domain, type
xyz.com in the Domain field. CC-SG and the AD server you want to
query must be configured either on the same domain or on different
domains that trust each other.
Note: CC-SG will query all known domain controllers for the domain
specified.
2. Type the IP addresses of the Primary and Secondary DNS servers in
the Primary DNS Server IP Address and Secondary DNS Server IP
Address fields respectively, or select the Use default CC-SG DNS
checkbox to use the DNS configured in the Configuration Manager
section of CC-SG. See
Advanced Administration
(on page 237).
3. Select the Anonymous Bind checkbox if you want to connect to the
AD server without specifying a username and password. If you use
this option, ensure that the AD server allows anonymous queries.
Note: By default, Windows 2003 does NOT allow anonymous
queries. Windows 2000 servers do allow certain anonymous
operation whose query results are based on the permissions of each
object.
4. If you are not using anonymous binding, type the username of the
user account you want to use to query the AD server in the "User
name" field. The format required depends on your AD version and
configuration. Use one of the following formats.
A user named User Name with a login name UserN in the
raritan.com domain could be entered as:
cn=UserName,cn=users,dc=Raritan,dc=com