User guide

Chapter 5: Using the Web Interface

Setting Up LDAP Authentication

For security purposes, users attempting to log in to Dominion PX must be

authenticated. Dominion PX supports the access using one of the

following authentication mechanisms:

 Local database of user profiles on the Dominion PX device

 Lightweight Directory Access Protocol (LDAP)

By default, Dominion PX is configured for local authentication. If you stay

with this method, you do not need to do anything other than create user

profiles for each authorized user. If you prefer to use an external LDAP

server, you must:

 Provide Dominion PX with information about the LDAP server.

 Create user profiles for users who are authenticated externally

because a user profile on the Dominion PX device determines the

role(s) applied to the user, and determines the permissions for the

user accordingly.

When configured for LDAP authentication, all Dominion PX users must

have an account on the LDAP server. Local-authentication-only users will

have no access to Dominion PX except for the admin, who always can

access Dominion PX.

Gathering the LDAP Information

It requires knowledge of your LDAP server and directory settings to

configure Dominion PX for LDAP authentication. If you are not familiar with

the settings, consult your LDAP administrator for help.

To configure LDAP authentication, you need to check:

 The IP address or hostname of the LDAP server

 Whether the Secure LDAP protocol (LDAP over SSL) is being used

 If Secure LDAP is in use, consult your LDAP administrator for the

CA certificate file.

 The network port used by the LDAP server

 The type of the LDAP server, usually one of the following options:

 OpenLDAP

 If using an OpenLDAP server, consult the LDAP administrator

for the Bind Distinguished Name (DN) and password.

 Microsoft Active Directory

(AD)