Oracle^® Rack Universal Power Distribution Unit User's Guide

Adding LDAP/LDAPS Servers

1. Select Device Settings → Security → Authentication.
2. Click New in the LDAP Servers section.
3. Enter the required information.

   LDAP/LDAPS Server Information Description IP Address/Hostname IP address or hostname of your LDAP/LDAPS server. Without encryption enabled, you can type either the domain name or IP address in this field, but you must type the fully qualified domain name if the encryption is enabled. Copy Settings from Existing LDAP Server Appears only when there are existing AA server settings on the HPDU. To duplicate any existing AA server settings, see Duplicating LDAP/LDAPS Server Settings. Type of LDAP Server Select one of the following options: OpenLDAP Microsoft Active Directory. Active Directory is an implementation of LDAP/LDAPS directory services by Microsoft for use in Windows environments. Security Determine whether you want to use Transport Layer Security (TLS) encryption, which allows the HPDU to communicate securely with the LDAPS server. Options: StartTLS TLS None Port (None/StartTLS) Default Port is 389. Use the standard LDAP TCP port or specify a different port. Port (TLS) Configurable only when TLS is selected in the Security field. The default is 636. Use the default port or specify a different port. Enable Verification of LDAP Server Certificate Select this option if it is required to validate the LDAP server certificate by the HPDU before the connection. If the certificate validation fails, the connection is refused. CA Certificate Consult with your AA server administrator to get the CA certificate file for the LDAPS server. Click Browse, and select and install the certificate file. Click Show to view the installed certificate content. Click Remove to delete the installed certificate if it is inappropriate. Allow Expired and Not Yet Valid Certificates Select this option to make the authentication succeed regardless of the certificate validity period. If you deselect this option, the authentication fails whenever any certificate in the selected certificate chain is outdated or not valid yet. Anonymous Bind Enables or disables anonymous bind. When a Bind DN and password are required to bind to the external LDAP/LDAPS server, deselect this option. Bind DN Required after deselecting the Anonymous Bind option. Distinguished Name (DN) of the user who is permitted to search the LDAP directory in the defined search base. Bind Password, Confirm Bind Password Required after deselecting the Anonymous Bind option. Enter the Bind password. Base DN for Search Distinguished Name (DN) of the search base, which is the starting point of the LDAP search. Example: ou=dev,dc=example,dc=com Login Name Attribute Attribute of the LDAP user class which is the login name. Usually it is the uid. User Entry Object Class Object class for user entries. Usually it is inetOrgPerson. User Search Subfilter Search criteria for finding LDAP user objects in the directory tree. Active Directory Domain Active Directory Domain name. Example: testradius.com.

4. To verify if the authentication configuration is set correctly and the HPDU can connect to the new server successfully, click Test Connection.

   ---

   Note -  You also can test the connection on the Authentication page after finishing adding servers.

   ---

5. Click Add Server.

   The new LDAP server appears on the Authentication page.

6. To add more servers, repeat Steps 1-5.
7. In the Authentication Type field, select LDAP. Otherwise, the LDAP authentication does not work.
8. Click Save.

   The LDAP authentication is now in place.