User's Manual

and then check the Select2 Options for additional properties. The server will then look up sponsors during self-
registration and double-check the attribute used for emails on the LDAP server. This option requires that the
sponsor_email and do_ldap_lookup fields are enabled in the registration form, and that you have the LDAP
Sponsor Lookup plugin installed. Use the Plugin Manager to verify that this plugin is available.
In the Operator Logins area, to use this LDAP server to authenticate operator logins, select the Enabled
check box. Use the Default Profile drop-down list to select the default operator profile to assign to operators
authorized by this LDAP server. LDAP servers for operator logins are configured in Policy Manager.
When you have completed the form, you can check your settings. Use the Test Username and Test
Password fields to supply a username and password for the authentication check, then click the Test
Settings button. The minimum password length is six characters. If the authentication is successful, the
operator profile assigned to the username will be displayed. If the authentication fails, an error message will be
displayed. See "LDAP Operator Server Troubleshooting" on page 469 for information about common error
messages and troubleshooting steps to diagnose the problem.
Click the Save Changes button to save this LDAP Server. If the server is marked as enabled, subsequent
operator login attempts will use this server for authentication immediately.
Advanced LDAP URL Syntax
If you select Microsoft Active Directory as the Server Type on the Administration > Operator Logins
> Servers > Server Configuration form, the LDAP server connection will use a default distinguished name of
the form dc=domain,dc=com, where the domain name components are taken from the bind username.
To specify a different organizational unit within the directory, include a distinguished name in the LDAP server
URL, using a format such as:
ldap://192.0.2.1/ou=IT%20Services,ou=Departments,dc=server,dc=com
To specify a secure connection over SSL/TLS, use the prefix ldaps://.
To specify the use of LDAP v3, use the prefix ldap3://, or ldap3s:// if you are using LDAP v3 over SSL/TLS.
When Microsoft Active Directory is selected as the Server Type, LDAP v3 is automatically used.
An LDAP v3 URL has the format ldap://host:port/dn?attributes?scope?filter?extensions.
• dn is the base X.500 distinguished name to use for the search.
• attributes is often left empty.
• scope may be ‘base’, ‘one’ or ‘sub’.
• filter is an LDAP filter string, for example, (objectclass=*)
• extensions is an optional list of name=value pairs.
Refer to RFC 2255 for further details.
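The following Python sketch is an added example, not code from the product or its documentation. It splits a URL of the form described above into its fields and reports whether the chosen prefix requests SSL/TLS, which is worth checking before operator credentials are sent to the server. The function names parse_ldap_url and review are hypothetical, and the default ports (389, and 636 over SSL/TLS) are the standard LDAP ports rather than values taken from this guide.

```python
from urllib.parse import unquote

# Prefixes named in this section: prefix -> (SSL/TLS, LDAP v3 requested by prefix)
SCHEMES = {"ldap": (False, False), "ldaps": (True, False),
           "ldap3": (False, True), "ldap3s": (True, True)}
SCOPES = ("base", "one", "sub")

def parse_ldap_url(url):
    """Split scheme://host:port/dn?attributes?scope?filter?extensions."""
    scheme, sep, rest = url.partition("://")
    scheme = scheme.lower()
    if not sep or scheme not in SCHEMES:
        raise ValueError(f"unsupported prefix in {url!r}")
    tls, v3 = SCHEMES[scheme]
    hostport, _, tail = rest.partition("/")
    host, _, port = hostport.partition(":")  # assumes hostname or IPv4 literal
    fields = tail.split("?")
    if len(fields) > 5:
        raise ValueError("too many '?'-separated fields")
    # Split on '?' first and percent-decode afterwards, so an encoded %3F in
    # a DN or filter cannot shift the field boundaries.
    dn, attrs, scope, flt, exts = fields + [""] * (5 - len(fields))
    scope = unquote(scope).lower()
    if scope and scope not in SCOPES:
        raise ValueError(f"scope must be one of {SCOPES}, got {scope!r}")
    return {
        "tls": tls,
        "ldap_v3_prefix": v3,
        "host": host,
        # Standard LDAP ports (assumption, not from the guide) when none given.
        "port": int(port) if port else (636 if tls else 389),
        "dn": unquote(dn),
        "attributes": [unquote(a) for a in attrs.split(",") if a],
        "scope": scope,
        "filter": unquote(flt),
        "extensions": dict(unquote(e).partition("=")[::2] for e in exts.split(",") if e),
    }

def review(url):
    """Return findings to resolve before saving the server configuration."""
    cfg = parse_ldap_url(url)
    findings = []
    if not cfg["tls"]:
        findings.append("no SSL/TLS prefix: use ldaps:// or ldap3s://")
    if not cfg["dn"]:
        findings.append("no base DN in URL")
    return findings
```

Calling review() on the example URL shown earlier in this section returns a single finding, because that URL uses the ldap:// prefix.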
LDAP Operator Server Troubleshooting
At Administration >Operator Logins >Servers, you can use the LDAP Operator Servers list to
troubleshoot network connectivity, operator authentication, and to look up operator usernames.
Dell Networking W-ClearPass Guest 6.4 | User Guide Operator Logins | 469