HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 100-node License

101

102

103

104

105

106

107

108

109

110

• Add to Blacklist—This link appears only when the LDAP user is not blacklisted. Click Add to

Blacklist. A confirmation dialog box appears. Click OK to add the LDAP user to the blacklist.

• Remove from Blacklist—This link appears only when the LDAP user is blacklisted. Click Remove

from Blacklist. A confirmation dialog box appears. Click OK to remove the LDAP user from the

blacklist.

• Authentication Log—Click the link to view the authentication log list of the LDAP user. For more

information about authentication logs, see "

Managing authentication logs."

• Authorization Log—Click the link to view the authorization log list of the LDAP user. For more

information about authorization logs, see "

Managing authorization logs."

• Audit Log—Click the link to view the audit log list of the LDAP user. For more information about audit

logs, see "

Managing audit logs."

4. Click Back to return to the All Bound User List.

Binding device users with an LDAP synchronization policy

A device user can be bound with an LDAP synchronization policy in the following ways:

• Automatic—The system automatically synchronizes user data from an LDAP server to TAM and

creates corresponding LDAP users during synchronization. These users are automatically bound

with the synchronization policy. For more information, see "

Executing an LDAP synchronization

policy."

• Manual—You can also manually bind a device user with an LDAP synchronization policy. In The

following information, we will explore manually binding a device user with an LDAP

synchronization policy.

To manually bind device users with an LDAP synchronization policy:

1. Click the User tab.

2. Select Device User View > LDAP Users > Target Policy Name from the navigation tree.

The Bound User List displays all device users bound with the policy.

3. Click Add in the Bound User List area.

The Unbound User List window appears, displaying all device users that are not bound to any

LDAP synchronization policy.

4. Enter or select one or multiple of the following query criteria:

 Account Name—Enter the account name of an LDAP user. TAM supports fuzzy matching for this

field. For example, if you enter sam, all unbound users with names containing sam are queried.

 Device User Group—Click the Select User Group icon . The Select Device User Group

window appears. Select a group and click OK. Click the Clear icon to clear your selection.

If a field is empty, this field does not serve as a query criterion.

5. Click Query.

The Unbound User List displays all device users matching the query conditions.

6. Select one or multiple users.

7. Click OK.

The operation result page appears, displaying the number of uses that have been successfully

bound with the synchronization and the number of failures. If failures exist, click Download to

download or view the reasons for the failure in the operation log.

8. Click Back to return to Bound User List.