5.9.8. LDAP Parameters
The RSM-8R4 supports LDAP (Lightweight Directory Access Protocol,) which allows
authentication via the "Active Directory" network Directory Service. When LDAP is
enabled and properly configured, command access rights can be granted to new users
without the need to define individual new accounts at each RSM-8R4 unit, and existing
users can also be removed without the need to delete the account from each
This type of authentication also allows administrators to assign users to LDAP groups,
and then specify which plugs the members of each group will be allowed to control at
each RSM-8R4 unit.
In order to apply the LDAP feature, you must first define User Names and associated
Passwords and group membership via your LDAP server, and then access the
RSM-8R4 command mode to enable and configure the LDAP settings and define port
access rights and command access rights for each group that you have specified at the
To access the LDAP Parameters menu, login to RSM-8R4 command mode using a
password that permits Administrator level commands and then proceed as follows:
• Text Interface: Type /N and press [Enter] to display the Network Parameters
Menu. At the Network Parameters Menu, type 27 and press [Enter] to display the
LDAP parameters menu.
• Web Browser Interface: Click on the "LDAP Parameters" link on the left hand side
of the screen to display the LDAP Parameters menu.
• Port and Plug access rights are not defined at the LDAP server. They are
defined via the LDAP Group configuration menu on each RSM-8R4 unit and
are specific to that RSM-8R4 unit alone.
• When LDAP is enabled and properly configured, LDAP authentication will
supersede any passwords and access rights that have been defined via the
RSM-8R4 user directory.
• If no LDAP groups are defined on a given RSM-8R4 unit, then access rights
will be determined as specified by the "default" LDAP group.
• The "default" LDAP group cannot be deleted.
The LDAP Parameters Menu allows the following parameters to be defined:
• Enable: Enables/disables LDAP authentication. (Default = Off.)
• LDAP Port: Defines the port that will be used to communicate with the LDAP
server. (Default = 389.)
• Primary Host: Defines the IP address or domain name (up to 64 characters) for
the primary LDAP server. (Default = undefined.)
• Secondary Host: Defines the IP address or domain name (up to 64 characters) for
the secondary (fallback) LDAP server. (Default = undefined.)