54
LDAP Configuration
(continued)
AP Operation
d) Right-click on the user’s name and select properties .
e) On the Attribute Editor page of the dialog box that appears, select
permission from the list.
f)
Click Edit to bring up the String Attribute Editor:
g) Replace the value shown with the desired B051-000 permission
attribute value. (See below for details.)
The Permission Attribute Value
is made up of two parts; the IP
address of the B051-000 a user will access and a string that indicates
the access rights the user has on the B051-000 at that IP address. The
following rules apply to the makeup of the permission attribute value
entry:
• An ampersand (&) connects the B051-000’s IP address with the
access rights string.
• The access rights string is made up of various combinations of the
following characters: c w j l v s. The characters can be entered in
upper or lower case. The meaning of the characters is provided in
the Permission String Characters table, below.
• The characters in the access rights string are separated by a comma
(,). There are no spaces before or after the comma.
• If a user has access rights to more than one B051-000, each
permission segment is separated by a semicolon (;). There are no
spaces before or after the semicolon.
Character
Meaning
C
Grants the user administrator privileges, allowing the user to configure the system.
W
Allows the user to access the system via the Windows Client program.
J
Allows the user to access the system via the Java Applet.
L
Allows the user to access log information via the user’s browser.
V
Limits the user’s access to only viewing the video display.
S
Allows the user to use the Virtual Media function.
Access rights examples are given in the table below:
User
Value
Meaning
User1
10.0.0.166&w,v
1. User has Windows Client and View Only rights on a B051-000 with an IP address of 10.0.0.166.
2. User has no rights on any other B051-000 units administered by the LDAP server.
User2
10.0.0.164&s;10.0.0.166&j,c
1. User has Virtual Media rights on a B051-000 with an IP address of 10.0.0.164.
2. User has Java Applet and Administrator rights on a B051-000 with an IP address of 10.0.0.166.
3. User has no rights on any other B051-000 units administered by the LDAP server.
User3
v,l;10.0.0.164&j
1. User has View Only and Log Information rights on all B051-000 units administered by the LDAP server.
2. User has Java Applet rights on a B051-000 with an IP address of 10.0.0.164.
User4
User has no access rights to any B051-000 units administered by the LDAP server.
User5
v,w
User has View Only and Windows Client rights on all B051-000 units administered by the LDAP server.
User6
v;10.0.0.166&;10.0.0.164&c,j
1. User has View Only rights on all B051-000 units administered by the LDAP server, except for the ones
with IP addresses of 10.0.0.166 and 10.0.0.164.
2. User has no access rights on the B051-000 with an IP address of 10.0.0.166.
3. User has Administrator and Java Applet rights on the B051-000 with an IP address of 10.0.0.164.