[ACM] Setup Server

Audit Log User Guide for VSP 5000 Series

Version
90-09-0x
Audience
anonymous
Part Number
MK-98RD9010-13

Example 1

09xx,YYYY/MM/DD,HH:MM:SS.xxx, 00:00,RMI AP,uid=user-name, Task Name,
[ACM],Setup Server,Disable,Normal end,
from=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx,,Seq.=xxxxxxxxxx 

Basic Information for Example 1

Parameter

Description

Disable

Indicates that the External Authentication server is not used

Example 2

09xx,YYYY/MM/DD,HH:MM:SS.xxx, 00:00,RMI AP,uid=user-name, Task Name,
[ACM],Setup Server,LDAP,Normal end,
from=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx,,Seq.=xxxxxxxxxx +{Certificate File
Name,DNS Lookup,Authentication Protocol, External User Group Mapping,Primary Host
Name, Primary Port Number,Domain Name,User Name Attribute,Base DN, Search User's
DN,Timeout,Retry Interval,Number of Retries}= -{CFFILE,Disable,STARTTLS,Enable,
-examplehost,389,example1.com,sAMAccountName, -dc=example2
dc=com,example3.com,10,1,3} ++{Secondary Server,Secondary Host Name,Secondary Port
Number}= {Enable,example4.com,389} +Num. of Servers=1

Basic Information for Example 2

Parameter

Description

LDAP

Indicates that the LDAP server is used as the External Authentication server

Detailed Information for Example 2

Item

Description

Certificate File Name

Indicates the name of certificate file

DNS Lookup

Indicates whether to search the LDAP server using the information registered in the SRV records in the DNS server

Enable: Performs the search using information registered in the SRV records in the DNS server

Disable: Performs the search using the host name and the port number

Authentication Protocol

Indicates the LDAP protocol (LDAP over SSL/TLS or STARTTLS) to use

External User Group Mapping

Indicates whether to connect an authentication server to an authorization server

Enable: Connects an authentication server to an authorization server

Disable: Does not connect an authentication server to an authorization server

Primary Host Name

Indicates the host name of the LDAP server

Primary Port Number

Indicates the port number of the LDAP server

Domain Name

Indicates the domain name that the LDAP server manages

User Name Attribute

Indicates the attribute name to identify a user

Base DN

Indicates the Base DN (Distinguished Name) for searching for users to authenticate

Commas that are input by user are indicated with spaces

Search User's DN

Indicates the DN of the user for searching

Timeout

Indicates the number of seconds before connection to the LDAP server times out

Retry Interval

Indicates the retry interval in seconds when the connection to the LDAP server fails

Number of Retries

Indicates the retry times when the connection to the LDAP server fails

Secondary Server

Indicates whether to use a secondary LDAP server

Enable: Use the secondary server

Disable: Do not use the secondary server

Secondary Host Name

Indicates the host name of the secondary LDAP server

Secondary Port Number

Indicates the port number of the secondary LDAP server

Num. of Servers

The number of external authentication servers that are set

Example 3

09xx,YYYY/MM/DD,HH:MM:SS.xxx, 00:00,RMI AP,uid=user-name,Task Name,
[ACM],Setup Server,RADIUS,Normal end,
from=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx,,Seq.=xxxxxxxxxx +{Authentication
Protocol,Primary Host Name,NAS Address, Primary Port Number,Timeout,Number of
Retries,Secondary Server, Secondary Host Name,Secondary Port Number}=
-{PAP,example1.com, -10.213.74.20,1812,10,3,Enable,example2.com,1812} ++{External
User Group Mapping,Certificate File Name, Authentication Protocol,DNS Lookup,Host
Name,Port Number, Domain Name,Base DN,Search User's DN,Timeout,Retry Interval,
Number of Retries}= -{Enable,CFFILE,STARTTLS,Disable, -example.com,389,example1.com,
-dc=example2 dc=com,example3.com,10,1,3} +Num. of Servers=1

Basic Information for Example 3

Parameter

Description

RADIUS

Indicates that the RADIUS server is used as the External Authentication server.

Detailed Information for Example 3

Item

Description

Authentication Protocol

Indicates the RADIUS protocol to use

PAP: password authentication protocol that transmits plaintext user ID and password

CHAP: challenge-handshake authentication protocol that transmits encrypted password

Primary Host Name

Indicates the host name of the RADIUS server

NAS Address

Indicates the identifier for the RADIUS server to find SVP

Primary Port Number

Indicates the port number of the RADIUS server

Timeout

Indicates the number of seconds before connection to the RADIUS server times out

Number of Retries

Indicates the number of times that the system tries to reconnect to the server when the connection to the RADIUS server fails

Secondary Server

Indicates whether to use a secondary RADIUS server or a secondary LDAP server

Enable: Use the secondary server

Disable: Do not use the secondary server

Secondary Host Name

Indicates the host name of the secondary RADIUS server

Secondary Port Number

Indicates the port number of the secondary RADIUS server

External User Group Mapping

Indicates whether to connect an authentication server to an authorization server

Enable: Connects an authentication server to an authorization server

Disable: Does not connect an authentication server to an authorization server

Certificate File Name

Indicates the name of certificate file

Authentication Protocol

Indicates the LDAP protocol to use

DNS Lookup

Indicates whether to search for the LDAP server using the information registered in the SRV records in the DNS server

Enable: Performs the search using information registered in the SRV records in the DNS server

Disable: Performs the search using the host name and the port number

Host Name

Indicates the host name of the LDAP server

Port Number

Indicates the port number of the LDAP server

Domain Name

Indicates the domain name that the LDAP server manages

Base DN

Indicates the Base DN for searching for users to authenticate

Commas that are input by user are indicated with spaces

Search User's DN

Indicates the DN of the user for searching

Timeout

Indicates the number of seconds before the connection to the LDAP server times out

Retry Interval

Indicates the retry interval in seconds when the connection to the LDAP server fails

Number of Retries

Indicates the retry times when the connection to the LDAP server fails

Num. of Servers

The number of external authentication servers that are set

Example 4

09xx,YYYY/MM/DD,HH:MM:SS.xxx, 00:00,RMI AP,uid=user-name,Task Name,
[ACM],Setup Server,Kerberos,Normal end,
from=xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx,,Seq.=xxxxxxxxxx +{DNS Lookup,Realm
Name,Primary Host Name,Primary Port Number, Clock Skew,Timeout,Secondary
Server,Secondary Host Name, Secondary Port Number}=
-{Disable,example1.com,example2.com,88,300,10,Enable,example3.com, 88} ++{External
User Group Mapping,Certificate File Name, Authentication Protocol,Primary Port
Number,Base DN, Search User's DN,Timeout,Retry Interval,Number of Retries, Secondary
Sever,Secondary Port Number} =-{Enable,CFFILE,STARTTLS,389,-dc=example4
dc=com,example5.com, 10,1,20,Enable,389} +Num. of Servers=1

Basic Information for Example 4

Parameter

Description

Kerberos

Indicates that the Kerberos server is used as the External Authentication server.

Detailed Information for Example 4

Item

Description

DNS Lookup

Displays whether to search for the Kerberos server using the information registered in the SRV records in the DNS server

Enable: Performs the search using information registered in the SRV records in the DNS server

Disable: Performs the search using the host name and the port number

Realm Name

Indicates the default realm name

Primary Host Name

Indicates the host name of the Kerberos server

Primary Port Number

Indicates the port number of the Kerberos server

Clock Skew

Indicates the acceptable range of time difference between the SVP and the Kerberos server

Timeout

Indicates the number of seconds before connection to the Kerberos server times out

Secondary Server

Indicates whether to use a secondary Kerberos server

Enable: Use the secondary server

Disable: Do not use the secondary server

Secondary Host Name

Indicates the host name of the secondary Kerberos server

Secondary Port Number

Indicates the port number of the secondary Kerberos server

External User Group Mapping

Indicates whether to connect an authentication server to an authorization server

Enable: Connects an authentication server to an authorization server

Disable: Does not connect an authentication server to an authorization server

Certificate File Name

Indicates the name of certificate file

Authentication Protocol

Indicates the LDAP protocol to use

Primary Port Number

Indicates the port number of the LDAP server

Base DN

Indicates the Base DN for searching for users to authenticate

Commas that are input by user are indicated with spaces

Search User's DN

Indicates the DN of the user for searching

Timeout

Indicates the number of seconds before connection to the LDAP server times out

Retry Interval

Indicates the retry interval in seconds when the connection to the LDAP server fails

Number of Retries

Indicates the retry times when the connection to the LDAP server fails

Secondary Server

Indicates whether to use a secondary LDAP server

Enable: Use the secondary server

Disable: Do not use the secondary server

Secondary Port Number

Indicates the port number of the secondary LDAP server

Num. of Servers

The number of external authentication servers that are set