Manualshelf

User guide

ManualsBrandsAvocent ManualsData Input DevicesMPU104E-001
61626364656667686970
level associated with a group is configured by setting the value of an attribute in the
group object.
For example, if the Notes property in the group objects list is used to implement the
access control attribute, the Access Control Attribute field on the LDAP Query Page
should be set to info. Setting the Notes property to KVM User Admin causes the
members of that group to have user administration access to the appliances and target
devices that are also members of that same group.
The Notes property is used to implement the access control attribute. The value of the
Notes property, available in group and user objects shown in Active Directory Users and
Computers (ADUC), is stored internally in the directory, in the value of the info attribute.
ADUC is a Microsoft Management Console snap-in for configuring Active Directory. It is
started by selecting Start - Programs - Administrative Tools - Active Directory Users and
Computers. This tool is used to create, configure and delete objects such as users,
computers and groups. See Appliance and Target Device Query Modes on page 62 for more
information.
The Group Container Mask field defines the object type of the Group Container, which is
normally an organizational unit. The default value is “ou=%1”.
The Target Mask field defines a search filter for the target device. The default value is
“cn=%1”.
The Access Control Attribute field specifies the name of the attribute that is used when the
query modes are set to User Attribute or Group Attribute. The default value is info.
To configure LDAP query parameters:
1. Select Appliance - Appliance Settings - User Accounts - LDAP Accounts - Query.
2. Select either Basic, User Attribute or Group Attribute for the Appliance Query Mode and
the Target Device Query Mode.
3. Enter the appropriate information in the Group Container, Group Container Mask, Target
Mask and Access Control Attribute fields.
4. Click Save.
NOTE: These options cannot be changed if the LDAP Priority is set to LDAP Disabled on the Overview screen.
Appliance and Target Device Query Modes
One of three different modes can each be used for Query Mode (Appliance) and Query Mode
(Target Device):
62 MergePoint Unity® Switch Installer/User Guide