Lantronix SLC 16 Lantronix SLC - User Guide - Page 153

12: User Authentication Typically user authorization (operational rights and device port privileges parameters support only users who exist in the SLC local user database. If an SLC device user gets authenticated via a remote authentication server such as LDAP, configuration of the user is required in the remote authentication server (for authentication only, no authorization) and the SLC console manager (authorization only). With extended support of LDAP active directory user attribute schemas in the SLC device, remote authenticated users get authenticated and authorized from the LDAP server. This provides a single point of user database management by no longer requiring remote authenticated user existence in the SLC local user database. See Appendix I: LDAP Schemas on page 288 for information about installing schema support in the Windows active directory and creating the Lantronix SLC schema attribute. Schema Permissions versus Default User Rights The User Rights shown on the SLC console manager under the LDAP settings are the ones that would be applied to a user logging in if the following are true:  A remote user for a particular username is not configured on the SLC device under the User Authentication-Local/Remote Users page.  An AD user authenticated using LDAP does not have a Schema associated.  Any AD user that has a Schema associated, but only certain rights are assigned.  The checkbox next to Authenticate only remote users who are not in the remote users list: is unchecked under the User Authentication->Local/Remote Users page. Dial-back and Dial-back Number are not supported via the Schema. These features were implemented after LDAP Schema support was added and will be added to the Schema after this release. To configure the SLC console manager to use LDAP to authenticate users: 1. Click the User Authentication tab and select LDAP. Figure 12-6 shows the page that displays. SLC™ Console Manager User Guide 153