Chapter 6: SX II Administration
106
information about updating the AD LDAP/LDAPS schema.
To enable your AD server on SX II:
1. In SX II, create special groups and assign proper permissions and
privileges to these groups.
For example, create groups such as AD_Admin and AD_Operator.
2. On your Active Directory server, create new groups with the same
group names as in the previous step.
3. On your AD server, assign the SX II users to the groups created in
step 2.
4. From the SX II, enable and configure your AD server properly. See
Implementing LDAP/LDAPS Remote Authentication.
Important Notes
•
Group Name is case sensitive.
•
The SX II provides the following default groups that cannot be
changed or deleted: Admin and <Unknown>. Verify that your Active
Directory server does not use the same group names.
•
If the group information returned from the Active Directory server
does not match the SX II group configuration, the SX II automatically
assigns the group of <Unknown> to users who authenticate
successfully.
•
If you use a dialback number, you must enter the following case-
sensitive string: msRADIUSCallbackNumber in field "Dialback Query
String".
•
Based on recommendations from Microsoft, Global Groups with user
accounts should be used, not Domain Local Groups.
Returning User Group Information via RADIUS
When a RADIUS authentication attempt succeeds, the SX II determines
the permissions for a given user based on the permissions of the user's
group.
Your remote RADIUS server can provide these user group names by
returning an attribute, implemented as a RADIUS FILTER-ID. The
FILTER-ID should be formatted as follows: Raritan:G{
GROUP_NAME
}
where
GROUP_NAME
is a string denoting the name of the group to
which the user belongs.
Raritan:G{GROUP_NAME}:D{Dial Back Number}
where GROUP_NAME is a string denoting the name of the group to
which the user belongs and Dial Back Number is the number associated
with the user account that the SX II modem will use to dial back to the
user account.
Summary of Contents for Dominion SX II
Page 75: ...Chapter 5 Raritan Serial Console RSC Help 68 2 Click Yes when prompted to confirm...
Page 130: ...Chapter 6 SX II Administration 123 6 Click OK...
Page 165: ...Chapter 6 SX II Administration 158 17 Click OK Apply Settings to Other Ports...
Page 260: ...253 Dominion SX II Overview Appendix C FAQs...
Page 267: ...Appendix C FAQs 260 Installation Management Configuration...