HP Intelligent Management Center v5.1 TACACS+ Authentication Manager Administrator Guide

Validating on-demand synchronization policies
TAM allows you to validate all newly added or modified on-demand synchronization policies in bulk.
To validate an on-demand synchronization policy:
1. Click the Service tab.
2. Select TACACS+ AuthN Manager > LDAP Service > Sync Policies from the navigation tree.
The Sync Policy List displays all LDAP synchronization policies.
3. Click On-Demand Sync in the Sync Policy List area.
A confirmation dialog box appears.
4. Click OK.
All the on-demand synchronization policies are validated.
Managing LDAP users
An LDAP user is a device user in TAM that is bound with an LDAP synchronization policy.
The following rules apply during user synchronization from LDAP to TAM:
• For LDAP users in TAM that exist on the LDAP server, user information in TAM will be overwritten by that stored on the LDAP server.
• For LDAP users in TAM that do not exist on the LDAP server, TAM will mark the user status as Inexistent.
• For users on the LDAP server that do not exist in TAM, user synchronization will be carried out according to the configured synchronization policy.
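The three rules above can be modeled as a small reconciliation routine. This is an added example, not code from TAM or HP; the DeviceUser fields, the "Valid" status label, the policy_accepts callback, and the sample accounts are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class DeviceUser:
    account: str
    group: str
    status: str = "Valid"      # assumed label; the guide names only "Inexistent"
    ldap_bound: bool = True    # False = local device user, untouched by sync

def synchronize(tam, ldap, policy_accepts):
    """Model the three rules.
    tam: {account: DeviceUser}; ldap: {account: {"group": str}};
    policy_accepts: hypothetical stand-in for the configured sync policy."""
    users = {}
    report = {"overwritten": [], "inexistent": [], "created": [], "skipped": []}
    for account, user in tam.items():
        if not user.ldap_bound:
            users[account] = user
        elif account in ldap:
            # Rule 1: the LDAP server's copy replaces what TAM holds.
            users[account] = replace(user, group=ldap[account]["group"])
            report["overwritten"].append(account)
        else:
            # Rule 2: the record stays in TAM with status Inexistent.
            users[account] = replace(user, status="Inexistent")
            report["inexistent"].append(account)
    for account, entry in ldap.items():
        if account in tam:
            continue
        # Rule 3: entries new to TAM are handled as the policy dictates.
        if policy_accepts(entry):
            users[account] = DeviceUser(account, entry["group"])
            report["created"].append(account)
        else:
            report["skipped"].append(account)
    return users, report

# Constructed sample data, not taken from a real deployment.
TAM_USERS = {"alice": DeviceUser("alice", "edited-in-tam"),
             "bob": DeviceUser("bob", "netops"),
             "console": DeviceUser("console", "local", ldap_bound=False)}
LDAP_ENTRIES = {"alice": {"group": "netops"},
                "carol": {"group": "netops"},
                "dave": {"group": "helpdesk"}}

def demo():
    return synchronize(TAM_USERS, LDAP_ENTRIES, lambda e: e["group"] == "netops")

if __name__ == "__main__":
    print(demo()[1])
```

The report lists which accounts fell under each rule, which is the set an administrator would review after a synchronization run.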
Viewing LDAP users
TAM offers you the following methods for viewing LDAP users:
• Viewing LDAP users in the device user list
• Viewing LDAP users in the all bound user list
• Viewing LDAP users in the bound user list of a specific synchronization policy
Viewing LDAP users in the device user list
To view LDAP users in the device user list:
1. Click the User tab.
2. Select Device User View > All Device Users from the navigation tree.
The Device User List displays all device users. Account names with the icon are LDAP users.
Device User List contents
• Account Name: Account name of the LDAP user.
• Device User Group: Device user group to which the LDAP user belongs.
• Created At: Date when the LDAP user was created.
• Expired At: Date when the LDAP user expires and becomes invalid. The user cannot log in to any device from 0:00 on the specified date. An empty field indicates that the LDAP user never expires.