Advanced LDAP Permissions

The Notification Website supports two modes of user authorization: Basic Privileges and Advanced LDAP Permissions. Basic Privileges authorization is always enabled. Optionally, you can enable the advanced mode of permissions with a third-party LDAP-compliant directory server. In this case, the LDAP server is queried for additional user permissions data. To enable Advanced LDAP Permissions, specify the following options on the NM Security Options dialog. All of these options are required.

Enable

Enables, or disables, the Advanced LDAP Permissions user authorization option. The default is disabled.

LDAP Permission Server Name

Configures the host name or host TCP/IP address of the LDAP server that has the advanced permissions data.

Port Number

Configures the host TCP/IP port number of the LDAP server.

AP Connection User DN

Configures the user DN that the Notification Website uses to authenticate with the LDAP server to query permissions data.

AP Connection Password

Configures the password that the Notification Website uses to authenticate with the LDAP server to query permissions data.

NM Base DN

Configures the base DN that identifies the root of the NM LDAP tree within the larger LDAP "forest." This root entry is the directory from which all NM searches begin. All NM-related advanced user permissions data should reside under this base DN. For example, it may appear as follows:

ou=CAAP,o=your_company,c=your_country

Note: For more information about LDAP, see Secure the Notification Website.

Note: The Notification Website does not use a directory's internal access controls for the implementation of the advanced LDAP permissions; instead, it follows the directory security policies set by the LDAP server, as all other users of LDAP do. The Notification Website application connects with the LDAP server using the AP Connection User DN and password that you specify, queries the LDAP server for the NM permissions data, and then grants or denies the user permissions that are requested.
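The NM Base DN description above requires that all NM permissions data reside under the base DN. The following added example (not part of the product or its documentation) shows one way to check that an entry DN falls under the configured base DN by comparing parsed RDNs rather than raw strings. The function names are hypothetical, and the DN handling is a simplified reading of RFC 4514.

```python
# Added example: checks whether a directory entry DN lies under the NM Base DN.
# Simplified RFC 4514 handling: backslash escapes and multi-valued RDNs (+) are
# honoured; hex escapes are not decoded. Attribute types and values are compared
# case-insensitively, an assumption that fits attributes such as ou, o, c, cn.

def split_unescaped(text, sep):
    """Split text on sep, ignoring separators preceded by a backslash."""
    parts, current, i = [], [], 0
    while i < len(text):
        ch = text[i]
        if ch == "\\" and i + 1 < len(text):
            current.append(text[i:i + 2])  # keep the escape pair intact
            i += 2
            continue
        if ch == sep:
            parts.append("".join(current))
            current = []
        else:
            current.append(ch)
        i += 1
    parts.append("".join(current))
    return parts


def normalize_dn(dn):
    """Return the DN as a list of RDNs, each a frozenset of (type, value)."""
    rdns = []
    for rdn in split_unescaped(dn.strip(), ","):
        pairs = set()
        for ava in split_unescaped(rdn, "+"):
            attr, eq, value = ava.partition("=")
            if not eq or not attr.strip() or not value.strip():
                raise ValueError(f"malformed RDN component: {ava!r}")
            pairs.add((attr.strip().lower(), value.strip().lower()))
        rdns.append(frozenset(pairs))
    return rdns


def is_under_base(entry_dn, base_dn):
    """True when entry_dn equals base_dn or is a descendant of it."""
    entry, base = normalize_dn(entry_dn), normalize_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base
```

A plain string suffix comparison would wrongly accept a DN whose first RDN value contains an escaped comma followed by text that looks like the base DN; comparing parsed RDNs rejects it.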