Configure LDAP Authentication

Use the following steps to configure an LDAP server (for example, Apache Directory Server) to grant extra roles to externally authenticated users in GigaVUE-FM.

Enable Extra Roles for LDAP in GigaVUE-FM

1Configure GigaVUE-FM to accept extra roles in the response from the AAA server:

aClick Edit Default in the Authentication > LDAP

bSet the Extra Roles option to Yes.

cClick Update.

Assign local-user-name to Shell Profile (ACS 5.x)

4Add an employeeType attribute to the InetOrgPerson user object.

The attribute format is as follows:

<mapping_local_user>[:role-<mapping_local_role_1> [role-<mapping_local_role_2>[...]]]

Note: The extra role specified in the authentication server must match a role already available in GigaVUE-FM – fm_super_admin, fm_admin, or fm_user.

Figure 210: Adding the employeeType Attribute shows an example of this.

 

Figure 210: Adding the employeeType Attribute