Netbrain
04-08-2013, 04:40 AM
NetBrainTAC (Administrator)
How to configure External Authentication Server (LDAP/AD) in NetBrain


Here are detailed instructions for configuring LDAP/AD authentication in NetBrain:

From the NetBrain Customer License Server webpage (http://<IP or domain name of Customer License Server>/netbrain), switch to the User Accounts tab and click the External LDAP/AD Server button to open the LDAP/AD Authentication settings pane.

1). Enable LDAP/AD Authentication: Check the checkbox to enable LDAP/AD authentication.

2). LDAP/AD Setup:
  • Server Type: Select the corresponding server type of the External Authentication Server, LDAP or Active Directory.
  • Server Address: Enter the host name of the LDAP or Active Directory server, i.e., the host name or IP address of the LDAP or AD server and the search base. These two fields are separated by a slash, e.g. 10.1.1.1/dc=netbraintech,dc=com

    The search base is the starting point in the LDAP directory or in the AD forest for LDAP searches. Ideally, the search base should be set to the root node of the LDAP directory and the root domain of the entire AD forest. If the search base is set at a particular OU level or domain level, only child objects of that particular OU or domain can be queried.
  • Port: LDAP Global Catalog servers listen for LDAP requests and respond to LDAP queries on port 3268. In multi-domain AD environments, it is best to use port 3268 (3269 if using SSL). You may use port 389 (636 if using SSL) for a single-domain configuration.
  • Connect Type: Choose the connect type used with the authentication server, Regular or Secure (SSL).
  • Connect Username: Enter the username (Domain Admin) used to query user info from the AD/LDAP server. An example of standard LDAP format is CN=John Smith,DC=example,DC=com. An example of a Windows Active Directory DN is example\jsmith.
  • Connect Password: The password of the connecting user that connects to the LDAP/AD server.
3). Choose allowed groups for login:
Enter the group name in the Search box, click the Search button to search for the group, highlight the group with a mouse click, then click the > button to add the group to the candidate list (click the < button to remove it from the candidate list).

4). Click the Submit button to import the groups in the candidate list into the NetBrain system.

5). Assign roles to the groups. Once you have added the groups successfully, you can switch to the Roles tab to view the added groups. By default, these groups don't have any privileges. You should edit the corresponding privileges for them. Otherwise, the users in these groups will not be able to use the NetBrain OE workstation. Click the Roles button to switch to the Roles page. Click the corresponding group to edit its privileges.

6). Synchronize users with the external server. Click the Users button to switch to the Users page, then click the Synchronize with external server hyperlink. All users belonging to the imported groups will be displayed here with a Source field of AD or LDAP, as shown in the picture below.




Note: The SYNC operation only imports the groups into the existing records. So if you delete entries from the LDAP/AD servers, you may need to delete the user info here manually to match the corresponding modifications.

Applicable to: OEv5.0 and Later versions.
Reply With Quote
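
The field rules from the post above (Server Address as host/search base, the four ports, Regular versus Secure (SSL)) written as a pre-submit check. This is an added example, not NetBrain code; `LdapSettings`, `review` and the `multi_domain` flag are hypothetical names.

```python
from dataclasses import dataclass

# Port roles as given in the post: 389/636 for a single domain,
# 3268/3269 (Global Catalog) for multi-domain AD environments.
PORTS = {389: ("Regular", "domain"), 636: ("Secure (SSL)", "domain"),
         3268: ("Regular", "global catalog"),
         3269: ("Secure (SSL)", "global catalog")}

@dataclass
class LdapSettings:        # hypothetical container, not a NetBrain type
    server_address: str    # "<host>/<search base>" as typed into Server Address
    port: int
    connect_type: str      # "Regular" or "Secure (SSL)"

def split_server_address(value):
    """Split on the first slash; parse the search base into (attr, value) pairs.
    Simple comma split: escaped commas inside a DN are not handled."""
    host, sep, base = value.partition("/")
    if not sep or not host.strip() or not base.strip():
        raise ValueError("expected <host>/<search base>")
    rdns = []
    for part in base.split(","):
        attr, eq, val = part.strip().partition("=")
        if not eq or not attr or not val:
            raise ValueError(f"malformed search base component: {part!r}")
        rdns.append((attr.lower(), val))
    return host.strip(), rdns

def review(settings, multi_domain=False):
    """Return a list of findings; an empty list means the fields agree."""
    findings = []
    _host, rdns = split_server_address(settings.server_address)
    if settings.port not in PORTS:
        findings.append(f"port {settings.port} is not 389, 636, 3268 or 3269")
    else:
        expected_type, scope = PORTS[settings.port]
        if expected_type != settings.connect_type:
            findings.append(f"port {settings.port} is the {expected_type} port "
                            f"but Connect Type is {settings.connect_type}")
        if multi_domain and scope != "global catalog":
            findings.append("multi-domain forest: use 3268 (3269 with SSL)")
    if settings.connect_type == "Regular":
        findings.append("Regular connect type: traffic is not protected by SSL")
    if any(attr != "dc" for attr, _ in rdns):
        findings.append("search base is at OU level: only its child objects "
                        "can be queried")
    return findings
```
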
04-17-2013, 08:59 PM
NetBrainTAC (Administrator)
Re: How to configure External Authentication Server (LDAP/AD) in NetBrain

More skills to configure External Authentication server in NetBrain

  • The External Authentication feature does not automatically delete users/groups that were imported earlier when synchronizing with the external server. In other words, if users/groups are deleted from the LDAP/AD server, then when performing the synchronization the customer needs to remove them from the NetBrain Customer License Server manually.
  • In the Search box, please enter the group name as accurately as possible if you are working with a big LDAP/AD server. Fewer than 1000 groups can be displayed in the search return box.
  • Only users in a group can be synchronized; users in a sub-group cannot.
  • The users that are expected to be imported into NetBrain should belong to the same OU that is entered in the search base of the Server Address.
  • The following encryption methods for communication between NetBrain and the LDAP server are currently supported: Plain text, MD4, MD5, SHA1, SMD5, SSHA.
Reply With Quote
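
Both posts note that synchronization never removes accounts or groups that were deleted in LDAP/AD, so stale entries have to be found and removed by hand. The sketch below is an added example, not NetBrain code: it reconciles a user list against current directory membership. The input shapes, the `Local` source label and all sample names are constructed assumptions.

```python
# Constructed sample data: rows as they might be copied from the Users page
# (username, Source), the groups imported into NetBrain, and each group's
# current *direct* members as read from the directory.
SAMPLE_USERS = [("jsmith", "AD"), ("adoe", "AD"), ("Admin", "Local"),
                ("bnested", "AD"), ("cgone", "AD")]
SAMPLE_IMPORTED = ["NetOps", "Helpdesk"]
SAMPLE_DIRECTORY = {"netops": {"JSmith", "adoe"}}   # Helpdesk no longer exists

def norm(name):
    """Directory names compare case-insensitively."""
    return name.strip().casefold()

def stale_accounts(netbrain_users, imported_groups, directory_members):
    """Return (stale_users, missing_groups).

    stale_users:    externally sourced accounts (Source AD or LDAP) that no
                    imported group lists as a direct member any more.
    missing_groups: imported groups that are gone from the directory.
    """
    by_name = {norm(g): members for g, members in directory_members.items()}
    current, missing_groups = set(), []
    for group in imported_groups:
        members = by_name.get(norm(group))
        if members is None:
            missing_groups.append(group)
            continue
        # Direct members only: per the thread, users who belong solely to a
        # sub-group are not synchronized, so they do not count as present.
        current.update(norm(u) for u in members)
    stale = sorted(user for user, source in netbrain_users
                   if source.upper() in {"AD", "LDAP"}
                   and norm(user) not in current)
    return stale, missing_groups

if __name__ == "__main__":
    users, groups = stale_accounts(SAMPLE_USERS, SAMPLE_IMPORTED,
                                   SAMPLE_DIRECTORY)
    print("remove manually:", users)
    print("groups missing from directory:", groups)
```
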