HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide
expires, TAM stops the synchronization, regardless of whether the synchronization is complete
or not. If you do not want to set a time limit, set the timer to 0.
5. Modify backup server information:
Base DN—Enter the absolute path of the directory that stores user data on the LDAP server.
Admin DN—Enter the absolute path that locates the administrator on the LDAP server.
Admin Password—Enter the administrator password.
User Attribute Name—Enter the attribute description used on the LDAP server for usernames.
Password Attribute—Enter the attribute description used on the LDAP server for user passwords.
This parameter is not required when the Server Type is Microsoft AD, whose user passwords
cannot be read by TAM.
The base DN, administrator DN, username, and password attribute descriptions vary with LDAP
servers. You can get their attribute descriptions on the LDAP server you are working with by using
tools such as Softerra LDAP Administrator.
6. Modify backup server information:
To provide non-stop services, configure a backup server to provide authentication for the LDAP
users when the primary server is unavailable. The primary to backup switchover takes about one
minute. During this period, all requesting LDAP users are rejected and told that they have another
connection being authenticated and must retry later. The switchover does not affect any online
user.
IP Address—Enter the IP address of the backup LDAP server. If you do not want to configure a
backup server, leave this field empty.
Server in Use—Select the LDAP server to authenticate LDAP users, Primary or Backup. To select
the backup server, the IP address of the backup server must have been configured.
Auto Back to Primary—Select the option to enable Auto Back to Primary. When the primary
LDAP server becomes unavailable, TAM switches over to the backup server and starts regularly
checking the availability of the primary server. If the Auto Back to Primary setting is Yes, TAM
automatically switches over to the primary server after the server becomes available. If the
setting is No, TAM continues to use the backup server. This parameter does not take effect if
Server in Use is set to Backup.
Interval—Enter the minimum interval (in hours) between a primary-to-backup switchover and an
automatic backup-to-primary switchover. This setting takes effect only when auto back to
primary is enabled. TAM can automatically switch back to the primary server only if the backup
server has been working for a period equal to or longer than this interval since the
primary-to-backup switchover. This feature helps avoid frequent primary and backup changes
caused by primary server instability.
7. Click Test to test the connectivity to the LDAP server. If the connection attempt fails, follow the
displayed tips to check for configuration errors.
8. Click OK.
NOTE:
If the LDAP server has been associated with an on-demand synchronization policy and you have changed
the password or username attribute description, click On-Demand Sync on the synchronization policy
page to validate the changes.
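The following added example (not part of the guide and not TAM code) models the Server in Use, Auto Back to Primary, and Interval rules from step 6 so you can see how a given Interval holds authentication on the backup server while the primary is unstable. The class name, the backup address, and the timeline of availability checks are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

HOUR = 3600  # seconds


@dataclass
class LdapFailoverModel:
    """Hypothetical model of the selection rules in step 6; not TAM code."""
    server_in_use: str = "Primary"            # admin setting: "Primary" or "Backup"
    auto_back_to_primary: bool = True
    interval_hours: float = 1.0
    backup_ip: Optional[str] = "192.0.2.20"   # constructed documentation address
    active: str = ""
    switched_at: Optional[float] = None       # time of the primary-to-backup switchover

    def __post_init__(self):
        # Backup can be selected only if its IP address has been configured.
        if self.server_in_use == "Backup" and not self.backup_ip:
            raise ValueError("Server in Use = Backup requires a backup IP address")
        self.active = self.server_in_use

    def observe(self, now: float, primary_up: bool) -> str:
        """Feed one availability check of the primary; return the server used afterwards."""
        if self.server_in_use == "Backup":
            return self.active                # Auto Back to Primary does not take effect
        if self.active == "Primary":
            if not primary_up and self.backup_ip:
                self.active, self.switched_at = "Backup", now
            return self.active
        # Running on the backup after a switchover: apply the minimum interval.
        held = now - self.switched_at
        if primary_up and self.auto_back_to_primary and held >= self.interval_hours * HOUR:
            self.active, self.switched_at = "Primary", None
        return self.active


def replay(model, checks):
    """Replay (time_in_seconds, primary_up) checks; return the active server after each."""
    return [model.observe(t, up) for t, up in checks]


# Constructed timeline: primary fails at t=0, flaps for a while, then stays up.
CHECKS = [(0, False), (600, True), (1800, False), (3000, True), (3600, True), (7200, True)]

if __name__ == "__main__":
    print(replay(LdapFailoverModel(interval_hours=1), CHECKS))
```

With a one-hour Interval the model stays on the backup through the flapping period and returns to the primary only at the 3600-second check.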