Add LDAP authentication server 编辑

When you integrate LDAP protocol with RADIUS and TACAS authentication servers, you can use Citrix ADM to search and authenticate user credentials from distributed directories.

  1. Navigate to System > Authentication.

  2. Select the LDAP tab and then click Add.

  3. On the Create LDAP Server page, specify the following parameters:

    1. Name – Specify the LDAP server name

    2. Server Name/IP address – Specify the LDAP IP address or server name

    3. Security Type – Type of communication required between the system and the LDAP server. Select from the list. If plain text communication is inadequate, you can choose encrypted communication by selecting either Transport Layer Security (TLS) or SSL

    4. Port – By default, port 389 is used for PLAINTEXT. You can also specify port 636 for SSL/TSL

    5. Server Type – Select Active Directory (AD) or Novell Directory Service (NDS) as the type of LDAP server

    6. Time-out (seconds) – Time in seconds for which the Citrix ADM system waits for a response from the LDAP server

    7. LDAP Host Name – Select Validate LDAP Certificate check box and specifying the host name to be entered on the certificate

      Clear the Authentication option and specify the SSH Public Key. With key-based authentication, you can fetch the list of public keys stored on the user object. These public keys are stored in LDAP server through SSH.

      LDAP

      Under Connection Settings, specify the following parameters:

      1. Base DN – The base node for LDAP server to start the search

      2. Administrator Bind DN – User name to it bind to LDAP server. For example, admin@aaa.local.

      3. Bind DN password – Select this option to provide a password for authentication

      4. Enable Change Password – Select this option to enable password change

        LDAP

      Under Other Settings, specify the following parameters

      1. Server Log on Name Attribute – Name attribute used by the system to query the external LDAP server or an Active Directory. Select samAccountname from the list.

      2. Search Filter – Configure external users for two-factor authentication according to the search filter configured in LDAP server. For example, vpnallowed=true with ldaploginame samaccount and the user-supplied user name bob would yield an LDAP search string of: &(vpnallowed=true)(samaccount=bob).

      3. Group Attribute – Select memberOf from the list.

      4. Sub Attribute Name – The Sub attribute name for group extraction from the LDAP server.

      5. Default Authentication Group – Default group to choose when the authentication succeeds in addition to extracted groups.

        LDAP

  4. Click Create.

    The LDAP server is now configured.

    Note

    If the users are Active Directory group members, the group and the users’ names on Citrix ADM must have the same names of Active Directory group members.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。
列表为空,暂无数据

词条统计

浏览:33 次

字数:4573

最后编辑:7 年前

编辑次数:0 次

    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文