Manualshelf

Management and Configuration Guide (Includes ACM xl) 2005-12

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
161162163164165166167168169170
ProCurve Secure Access 700wl Series Management and Configuration Guide 5-15
Configuring Authentication
a.
Select User bind from the drop-down field
b. Specify the bind string as uid=%s.
c. Check the box Append the base DN to the above bind string or type the base DN directly into
the bind string.
For Non-User binding (if your LDAP server allows this):
a. Select Non-User bind.
b. If the password field is not returned, select the first radio button (Use the username field as
an alias
).
c. If the user logon name is used as the DN, select the second radio button (Use the returned
password for authentication
).
i.
Specify the password field. Typically this will be “userPassword”
ii.
Specify the encryption method. By default the iPlanet directory service uses SHA.
The iPlanet directory service returns the encryption method with every record, and the
700wl Series system uses the method returned in the record if it differs from the method
specified in the Password Encryption field. This allows the 700wl Series system to correctly
decrypt passwords in situations where there may be multiple encryption methods used in a
single database.
d. Select Bind using rootdn/rootpw or Anonymous bind.
i.
If you selected Bind using rootdn/rootpw, enter the Rootdn and Rootpw for your database.
Step 5. Click Save.
Configuring the 802.1X Passive Authentication Service
802.1X passive authentication requires minimal configuration within the 700wl Series system.
To configure the 802.1X service:
Step 1. Click the Rights button in the Navigation bar, then go to the Authentication Policies tab.
Step 2. Click the Authentication Services link in the left panel to go to the Authentication Services page.
Step 3. On the Authentication Services page, click New Service button.
Step 4. Click the 802.1X Passive link in the left-hand panel of the page.
The Edit Authentication Service - 802.1X page appears (see Figure 5-5).
Note:
There is only one configuration allowed for 802.1X passive authentication. Therefore, you can
edit the RADIUS configuration for this service, but you cannot create a second 802.1X service.