Miscellaneous Procedures > Configuring Groups on LDAP, NTLM, RADIUS, and TACACS+ Authentication Servers > Configuring Groups for LDAP

Configuring Groups for LDAP
1.
2.
a.
b.
Enter the parameters shown in the following screen example, followed by a comma-separated list of usernames or groupnames.
cli > config physicalports serial_port_number access
users/groups comma-separated_list_of_usernames_or_groupnames
3.
To Configure Group Authorization on a NTLM Server
This procedure installs the required tools from the Windows Server Administration Pack that are required for configuring group authorization on an NTLM authentication server. The primary tools are Active Directory Schema MMC Snap-in for adding the attribute “info” to the objectclass “Users”, and the ADSI Edit MMC Snap-in to edit the property “comment” as “group_name=<Group1> [,<Group2,...,GroupN>];
1.
2.
3.
A console window appears.
4.
The “Add/Remove Snap-in” window appears.
5.
The “Add Standalone Snap-ins” window appears.
6.
7.
8.
9.
To Configure Active Directory Schema
1.
The paths “Classes” and “Attributes” appear.
2.
3.
4.
5.
To Configure ADSI Edit
1.
2.
The “Connection” window appears.
3.
The path “Domain NC[domain.com] appears.
4.
The expanded path “DC=xxx,DC=xxx,DC=com” appears.
5.
Double click "DC=xxx,DC=xxx,DC=com.”
The expanded classes "CN=Builtin, ...“appear.
6.
The expanded users list appears.
7.
The "CN=<username> Properties” window appears.
8.
9.
10.

Miscellaneous Procedures > Configuring Groups on LDAP, NTLM, RADIUS, and TACACS+ Authentication Servers > Configuring Groups for LDAP