Manualshelf

HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

ManualsBrandsHP ManualsComputer AccessoriesHP IMC TACACS+ Authentication Manager additional 1000-node E-LTU
101102103104105106107108109110
99
Base DNThis field is automatically populated with the absolute path of the directory that
stores user data in the selected LDAP server.
Sub-Base DNEnter the absolute path of the subdirectory that stores user data on the LDAP
server and make sure it is in the base DN directory or be the same as the base DN directory.
TAM synchronizes the user data under sub-base DN rather than base DN.
The DNs of attributes vary with LDAP servers. To get the correct sub-base DN path, use tools
such as Softerra LDAP Administrator.
Filter ConditionEnter a filter to match user data you want to synchronize to the TAM. The most
basic filter takes the form (attribute=value), where you can use the wildcard asterisk (*) in the
value pattern to match any character or character string. For example, the filter (cn=He*)
matches any entry that has a cn attribute value that starts with He.
You may also use a complex filter in the form (operator(attribute1=value)(attribute2=value)) or
(operator(attribute1=value)(operator(attribute2=value))) for advanced filtering. The operator
can be & (AND), | (OR), or ! (NOT). For example, the filter (&(objectclass=a*)(!(cn=b*)))
enables the TAM to synchronize any entry that has an objectclass attribute value starting with
a and a cn attribute value not starting with b.
The default filter varies with LDAP server type. If the server type is Microsoft AD, the default filter
is (&(objectclass=user)(sAMAccountName=*)). If the server type is General, the default filter is
(&(objectclass=*)(cn=*)).
9. Click Query.
The window for configuring export file settings appears. Specify the following parameters:
AttributeClick the box next to the Attribute Name field for the attributes you want to export.
SampleThis field displays the sample values for the attribute.
SeparatorSelect a column separator to separate user attributes in the export file. Available
options include Space, TAB, comma (,), colon (:), pound sign (#) and dollar sign ($).
Export Column HeaderSelect this option to export the attribute names as the column titles in
the text file. If you do not select this option, the text file has no column titles.
10. Click Export.
When the export process is complete, TAM displays the export result, including the name and
location of the file that saves the exported user data.
11. Click Download the Export File to view the exported user data.
12. Click Back to return to Query Users page.
Batch operations for LDAP users
Batch operations for LDAP users are the same as those for common device users. For more information,
see "Batch modifying device users" and "Batch cancelling device users."