Radius Authentication; Overview - Hitachi COMPUTE BLADE 500 SERIES Management Module Setup Manual

¢
¢
¢
¢
¢
¢
Displaying/setting LDAP server linkage
Displaying LDAP server linkage setting
Registering/changing LDAP server
Initialize LDAP server linkage setting
Setting LDAP directory searching
Setting group authentication

RADIUS authentication

This section describes RADIUS authentication in management modules.

Overview

In this system unit, users can be authenticated by using Remote
Authentication Dial In User Service (hereafter referred to as RADIUS).
In RADIUS authentication, RADIUS servers determine whether a user can log
in at user authentication. By adding user account information to the RADIUS
servers, you can then use the added user account to log in to any module
that uses RADIUS authentication, without having to register user account
information to each module.
2-104
Hitachi Compute Blade 500 Series Management Module Setup Guide
latter authentication method performs authentication by checking
whether the user account to be authenticated is included among all
user accounts that satisfy the conditions set for the search filter that
are described later.
Attribute Indicating Groups
Tip: You do not need to specify attribute if the LDAP directory you are
using is able to determine that an account belongs to the group DN or
not by "tokenGroups" attribute or "gidNumber" attribute.
DN Whose Login is Allowed
Specify the group DN created in "Registering Groups".
Role of the group DN
Search DN for the dynamic group
Search filter for the dynamic group
Role of the dynamic group
Table 2-96 Web console operation
Item
Table 2-97 CLI console operation
Item
Functional detail
Description
Administration tab > LDAP
Operation
show user ldap
set user ldap server
clear user ldap
set user ldap search
set user ldap group