WESM zl Management and Configuration Guide WT.01.28 and greater

11-20
RADIUS Server
RADIUS Authentication
The internal RADIUS server verifies that these conditions are met. To do so, it must
bind to the LDAP server and perform searches, looking up the user's account and
group memberships and verifying the user's password. See “Configuring the Internal
RADIUS Server to Bind to an LDAP Server” on page 11-20.
To determine whether the user's group is currently allowed access, the server checks
the policy stored for that group on its internal database. See “Configuring Groups for
Use with an LDAP Server” on page 11-24.
Configuring the Internal RADIUS Server to Bind to an LDAP Server.
If you select LDAP as the source for policies and user accounts, you must enable the
Wireless Edge Services zl Module to communicate with your company’s LDAP
server.
The internal RADIUS server performs these functions:
It binds to the LDAP server.
To complete the binding, the server submits a distinguished name and password
to the LDAP server. You must specify the name and password of an account with
administrative rights. In addition, you must specify the base directory in which
the administrator account is stored.
It searches the LDAP server's directory to check the user's credentials and group
memberships.
You must configure filter strings, which the internal RADIUS server uses to
retrieve information from the directory:
With the user login filter, the internal RADIUS server verifies that the
supplicant has an account and that his or her password matches the password
in that account.
With the group login filter, the internal RADIUS server checks that the
supplicant is a member of a group that is allowed access.
You must also specify the names of attributes that the RADIUS server retrieves
during these searches, including the password and group memberships.
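The two searches described above, sketched as an added example that is not taken from this guide or from the module's software. The filter templates, the {user} and {dn} placeholders, the attribute names and the directory entries are all assumptions, search() is a minimal stand-in for a real LDAP search, and password verification is left out. It shows the supplicant's name being escaped per RFC 4515 before it is placed in the user login filter, so that it is matched literally.

```python
import re

# RFC 4515: characters that must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_filter_value(value):
    """Escape a supplicant-supplied string for use inside an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def build_filter(template, **values):
    """Fill a filter template; every substituted value is escaped first."""
    return template.format(**{k: escape_filter_value(v) for k, v in values.items()})

# Hypothetical filter strings and policy; not the module's defaults.
USER_LOGIN_FILTER = "(uid={user})"
GROUP_LOGIN_FILTER = "(&(objectClass=groupOfNames)(member={dn}))"
ALLOWED_GROUPS = {"wlan-staff"}  # stands in for group policies on the internal database

DIRECTORY = {  # constructed sample entries
    "uid=alice,ou=people,dc=example,dc=com": {"uid": ["alice"]},
    "uid=bob,ou=people,dc=example,dc=com": {"uid": ["bob"]},
    "cn=wlan-staff,ou=groups,dc=example,dc=com": {
        "objectClass": ["groupOfNames"],
        "cn": ["wlan-staff"],
        "member": ["uid=alice,ou=people,dc=example,dc=com"],
    },
}

def _match(pattern, actual):
    """Compare one filter value with an attribute value; a bare * is a wildcard."""
    parts = [re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m[1], 16)), p)
             for p in pattern.split("*")]
    return re.fullmatch(".*".join(map(re.escape, parts)), actual, re.I | re.S) is not None

def search(directory, flt):
    """Stand-in for an LDAP search: AND of equality/substring assertions only."""
    tests = re.findall(r"\(([A-Za-z]+)=([^()]*)\)", flt)
    return [dn for dn, attrs in directory.items()
            if all(any(_match(v, a) for a in attrs.get(k, [])) for k, v in tests)]

def allowed_groups_for(username):
    """Return the allowed groups the supplicant belongs to; empty set means reject."""
    users = search(DIRECTORY, build_filter(USER_LOGIN_FILTER, user=username))
    if len(users) != 1:  # no account, or an ambiguous match
        return set()
    groups = search(DIRECTORY, build_filter(GROUP_LOGIN_FILTER, dn=users[0]))
    return {DIRECTORY[g]["cn"][0] for g in groups} & ALLOWED_GROUPS
```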
To configure LDAP settings, complete these steps:
1. Select Network Setup > Local RADIUS Server and click the Authentication tab.
2. From the Auth Data Source drop-down menu, select ldap.
3. In the LDAP Server Details section, click the Primary tab.