1. Home
  2. Pelco
  3. Pelco VXP-P3-0 User Manual
  4. Page 60

Pelco VXP-P3-0 VideoXpert Pro Power 3 Server 0TB

Pelco VideoXpert Pro Operations User Manual - Page 60

For VXP-P3-0.

PDF File Manual, 177 pages, Read Online | Download pdf file

VXP-P3-0 photo
Loading ...
Loading ...
Loading ...
VideoXpert® Professional v 3.17 Operations Manual
C6601M-S | 06/22 60
OU=Los Angeles, etc. on the Los Angeles system
OU=San Franscisco, etc. on the San Francisco system
With this configuration:
l
Mary Smith can log in to both the Log Angeles and San Francisco systems, using “mary” as her
username and her AD password as the password. When Mary logs in:
The VX system creates a user account with name “mary” in VX (if it doesn’t already exist).
The VX system adds user mary to the Directors role.
l
Joe Jones can log in to the New York system only. When Joe logs in:
The VX system creates a user account with name “joe” in VX (if it doesn’t already exist).
The VX system adds user joe to the SysAdmins role.
Configuring LDAP Authentication: Using Single Sign-On
SingleSign-On (SSO) allows users to log in to multiple systems using a single set of login credentials.
SSOcan be used with either Single-Stage or Two-Stage binding, and can be used with the Synchronize
Users and Roles From LDAP option.
Note:If VxOpsCenter is running on the same server as the VxPro or Core system, SSOwill not be
available. This is due to MSWindows limitations.
To configure authentication to use SSO:
1. Ensure that you have created a DNS entry for the cluster virtual IPaddress on the SSOdomain.
Include the ForwardLookup Zone and Reverse Lookup Zone entries. (Instructions for this
operation are beyond the scope of this document.)
2. Click the System tab, and then click LDAP/AD.
3. Click to select the radio button for LDAP.
4. Click to select the radio button for Two-Stage and the checkbox for Synchronize users and Roles
From LDAP.
5. Click to select the checkbox for Use Single Sign-On.
6. Enter the host name or FQNof the LDAPserver in the LDAPServer box.
l
If the host name (IPaddress)is used, this points to a single Active Directory Domain
Controller (DS). This creates a single point of failure; if the DCgoes offline, authentication will
break.
l
If the FQDNis used, any DCin the ADwill respond to the authentication request. This
provides fault tolerance for LDAPauthentication.
7. (Optional) Edit the server Port if the LDAP server is not on the default port (389, or 636 if you
selected SSL/TLS). if the LDAP server is not on the default port (636—SSL/TLS is required for
SSO).
8. Type a distinguished name (DN) in the Base DN box.
9. Type an attribute key name in the Search Attributes box. When inputting multiple entries in a box,
separate entries with commas only (no spaces).
10. Type a value in the Superuser DN field.
11. Type a value in the Superuser DN Password field.
Loading ...
Loading ...
Loading ...