Use this dialog to:

  • Configure LDAP or Active Directory (AD) credentials and to configure to connect with an Active Directory server to import group information from a Microsoft Domain Controller into .

    -or-

  • Configure Cisco ACS credentials and configure to connect with a Cisco ACS server.

To configure Active Directory/LDAP external authentication:

  1. Enter the following information:
    • Domain Controller or LDAP Server. Enter the Domain Controller IP address or hostname for the Domain Controller or LDAP server. If you are authenticating to an Active Directory domain, the LDAP server for your domain is a DC (domain controller).
    • Server port. Enter the port the Active Directory server uses to listen for connections (Default: 389).
    • Secure. Select this option if you want Active Directory domain or LDAP queries to be encrypted using SSL (Default port: 636).
  2. Select Active Directory to enable Active Directory domain credentials. Then, enter the Active Directory Logon Domain from which you want to access and import AD groups.-or-Select Standard LDAP to enable Active Directory domain credentials. Then, enter the path to the container which holds the users you want to access the web interface in Authorize DN.
    註: The following Authorize DN example could be used for an LDAP server on the ipswitch.com domain, with a "Users" container located in the root level of the Active Directory database: CN=%s,CN=Users,DC=ipswitch,DC=com. For more information, see the LDAP authentication with Active Directory KB article.
  3. Click Test to open the Test dialog. The Test dialog allows you to verify that your credentials are configured correctly.
  4. Click Browse to open the Browse Active Directory dialog. The Browse Active Directory dialog allows you to select the AD groups you would like to map to existing user groups. Please note, authentication for nested Active Directory groups are not supported.
  5. In the Active Directory group list, select the group you want to map to each AD group.
    註: Before you can map AD groups to groups, you must create the groups using the Add User Group dialog. When you have added the user groups you can then select the AD groups you want to map to groups using the Browse Active Directory dialog.
    註: When a member of an AD group logs into using their Windows Domain credentials, they will be added as a member of the group mapped to that AD group.
  6. Click OK. saves the Active Directory credentials and the LDAP Credentials dialog closes.

To configure to use Cisco ACS for authentication:

Use the Cisco ACS tab to configure Cisco ACS credentials and to configure to connect with a Cisco ACS server. Before configuring in , make sure to enable the UCP interface on the respective Cisco ACS device and make sure the device uses a valid certificate.

  1. Enter or select the appropriate information:
    • Cisco ACS server hostname / IP address. Enter the server hostname or IP address for the Cisco ACS server.
    • Cisco ACS server port number. Enter the port the Cisco ACS server uses to listen for connections (Default: 431).
  2. Click Test to open the Test Cisco ACS Authentication dialog. The Test dialog allows you to verify that your credentials are configured correctly.
  3. Click OK to save changes. saves the Cisco ACS credentials and the Configure External Authentication dialog closes.