Owner's manual

ManualsBrandsRaritan Computer ManualsHardwareCC-SG

111

112

113

114

115

116

117

118

119

120

Table Of Contents

Chapter 1: Introduction
- Prerequisites
- Intended Audience
- Terminology/Acronyms
Chapter 2: Accessing CC-SG
- Browser-Based Access
- Thick Client Access
  - Install the Thick Client
  - Use the Thick Client
- CC-SG Window Components
- Check IP Address, Firmware Version, and Application Versions
- Power Down CC-SG
- Compatibility Matrix
Chapter 3: Configuring CC-SG with Guided Setup
- Prepare to Configure CC-SG with Guided Setup
- Guided Setup Overview
- Start Guided Setup:
- Associations
  - Create Categories and Elements
- Device Setup
  - Discover and Add Devices
- Create Groups
  - Add Device Groups and Node Groups
- User Management
  - Add User Groups and Users
Chapter 4: Creating Associations
- Associations
- Association Manager
Chapter 5: Adding Devices and Device Groups
- The Device Tab
- Device and Port Icons
- Search for Devices
- Add a Device
  - Adding a KVM or Serial Device
  - Adding a PowerStrip Device
- Discover Devices
- Edit Device
  - Edit PowerStrip Device
- Delete Device
- Configure Ports
- Device Management
- Viewing Devices
  - Tree View
  - Custom View
- Special Access to Paragon II System Devices
  - Paragon II System Controller (P2-SC)
  - IP-Reach and UST-IP Administration
- Device Group Manager
Chapter 6: Configuring Nodes and Interfaces
- View Nodes
- Nodes and Interfaces Overview
  - About Nodes
  - About Interfaces
- Add Node
- Add an Interface
- Connect to a Node
- Edit an Interface
- Delete an Interface
- Ping a Node
- Edit a Node
- Delete a Node
- Chat
- Node Groups
Chapter 7: Adding and Managing Users and User Groups
- The Users Tree
- Special User Groups
- Add User Groups
- Edit A User Group
- Delete User Group
- Add User
- Edit a User
- Delete User
- Assign Users To Group
- Delete Users From Group
- Other User and User Group Functions
Chapter 8: Policies
- Controlling Access Using Policies
  - Policy Summary
- Node Groups
- Device Groups
- Policy Manager
- Applying Policies To User Groups
Chapter 9: Configuring Remote Authentication
- Authentication and Authorization (AA)
  - Flow for Authentication
  - User Accounts
- Distinguished Names for LDAP and AD
  - Username
  - Base DN
- AD Configurations
- Add LDAP (Netscape) Module to CC-SG
- Add a TACACS+ Module
  - TACACS+ General Settings
- Add a RADIUS Module
  - RADIUS General Settings
- Specify Modules for Authentication and Authorization
- Establish Order of External AA Servers
Chapter 10: Generating Reports
- Audit Trail Report
- Error Log Report
- Access Report
- Availability Report
- Active Users Report
- Locked Out Users Report
- User Data Report
- Users in Groups Report
- Group Data Report
- AD User Group Report
- Asset Management Report
- Node Asset Report
- Active Nodes Report
- Node Creation Report
- Query Port Report
- Active Ports Report
- Scheduled Reports
- CC-NOC Synchronization Report
Chapter 11: System Maintenance
- Maintenance Mode
- Backup CC-SG
- Restore CC-SG
  - Saving and Deleting Backup Files
- Reset CC-SG
- Restart CC-SG
- Upgrade CC-SG
- Shut Down CC-SG
- Restarting CC-SG after Shutdown
- End CC-SG Session
  - Log Out
  - Exit CC-SG
Chapter 12: Advanced Administration
- Guided Setup
- Message of the Day Setup
- Application Manager
  - Adding, Editing and Deleting Applications
  - Default Applications
- Firmware Manager
- Cluster Configuration
- Configure Security
- Notification Manager
- Task Manager
- CommandCenter NOC
- SSH Access to CC-SG
- Diagnostic Console
Appendix A: Specifications (G1, V1, and E1)
- G1 Platform
- V1 Platform
- E1 Platform
Appendix B: CC-SG and Network Configuration
- Introduction
- Executive Summary
- CC-SG Access via NAT-enabled Firewall
- Security and Open Port Scans
Appendix C: User Group Privileges
Appendix D: SNMP Traps
Appendix E: Troubleshooting
- Client Browser Requirements
Appendix F: Two-Factor Authentication
- Supported Environments
- Setup Requirements
- Known Issues
Appendix G: FAQs
Appendix H: Keyboard Shortcuts

104 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE

5. Type a user’s attributes in Filter so the search query will be restricted to only those entries

that meet this criterion. The default filter is objectclass=user, which means that only entries

of the type user are searched.

6. Specify the way in which the search query will be performed for the user entry. If you check

Use Bind, CC-SG attempts to connect, or bind, to AD directly with the username and

password supplied in the applet. However, if a username pattern is specified in Bind

username pattern, the pattern will be merged with the username supplied in the applet and

the merged username will be used to connect to the AD server.

For example, if you have cn={0},cn=Users,dc=raritan,dc=com and TestUser has been

supplied in the applet, then CC-SG uses cn=TestUser,cn-Users,dc=raritan,dc=com to

connect to the AD server. Only check Use Bind when the user logging in from the applet has

permissions to perform search queries in the AD server.

7. Check Use Bind After Search to use the username and password you specified in the

General tab to connect to the AD server. The entry is searched in the specified Base DN and

is found if it meets the specified filtering criterion and if the attribute “samAccountName” is

equal to the username entered in the applet. Then, a second connection, or bind, is attempted

using the username and password supplied in the applet. This second bind assures that the

user provided the correct password.

8. Click Next to proceed. The Groups tab opens.

AD Group Settings

In the Groups tab, you can specify the exact location from which you want to import AD user

groups.

Important: You must specify Group settings before you can import groups from AD.

1. Click the Groups tab.

Figure 98 AD Group Settings

2. Specify a Base DN (directory level/entry) under which the groups, containing the user to be

authorized, will be searched.