5.5.1 Login authentication
To authenticate Asset Console logins by linking to Active Directory, you must specify the necessary settings in Directory server usage in the Server Setup dialog box. For details about the settings in the Server Setup dialog box, see 7.3.6 Setting Link with Directory Server.
Be sure to gather in advance the information necessary for the settings in the Server Setup dialog box.
- Note
-
To gather the necessary information in advance:
-
Use administrator permissions to log in to the computer that Active Directory is running on.
-
Execute the LDIFDE command of Active Directory and output the DN information of users who are permitted to log on.
The following is the command to be executed:
ldifde -u -p Subtree -r "objectclass=user" -l dn -f out1.txt
The following information is output to out1.txt:
dn: CN=Administrator,CN=Users,DC=Sample,DC=co,DC=jp
changetype: add
dn: CN=Guest,CN=Users,CN=Users,DC=Sample,DC=co,DC=jp
changetype: add
:
Based on the output information, set the user DN to be used for connecting to Asset Console in Access user in the Server Setup dialog box.
-
Execute the LDIFDE command of Active Directory and output the DN information of the organization from which to search for users during Asset Console login authentication.
The following is the command to be executed:
ldifde -u -p SUBTree -r "(objectclass=organizationalUnit)" -l dn -f out2.txt
The following information is output to out2.txt:
dn: OU=Domain Controllers, DC=Sample,DC=co,DC=jp
changetype: add
dn: OU=people, DC=Sample,DC=co,DC=jp
changetype: add
dn: OU=hitachi,OU=people, DC=Sample,DC=co,DC=jp
changetype: add
:
Based on the output information, set the DN of the organization from which to search for users during Asset Console login authentication in User information DN in the Server Setup dialog box.
-
Output the attribute information of the user information to be used during Asset Console login authentication.
The following is the command to be executed:
ldifde -u -p Subtree -r "cn=Administrator" -f out3.txt
The following information is output to out3.txt:
dn: CN=user1,OU=Design3,OU=hitachi,OU=people, DC=Sample,DC=co,DC=jp
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: user1
son: customerA
telephoneNumber: 030303
givenName: user1
distinguishedName:
CN=user1,OU= Design3,OU=hitachi,OU=people, DC=Sample,DC=co,DC=jp
instanceType: 4
:
displayName: customerAuser1
uSNCreated: 376915
uSNChanged: 487476
name: user1
uid: user1
mail: a-user1@sample.co.jp
:
Based on the output information, set the attribute name to be used as the user ID during Asset Console login authentication in User ID attribute name in the Server Setup dialog box. Additionally, specify the attribute name to be recognized as a user name by Asset Console in User name attribute name in the Server Setup dialog box.
-