If I enable Gateway Appliance authentication with LDAP, which means I can login the Appliance with user from LDAP. What's the role of this user in Appliance once login? Can we do some role/group mapping from LDAP to Appliance user?
If you configure the gateway appliance for direct login via ssh with ldap
credentials you will just be presented with the ssgconfig menu
once logged in where you can then administer the gateway.
You would not gain a user prompt or root prompt for instance.
Let us know if that helps answer your question or if anything further comes up.
That's the answer I'm looking. Thanks.
I would like to use an ldap server to authenticate SSH access but the setup on the gateway just does not make sense to me and I cant get it to work. For example, one of the questions asked is "Which object in the LDAP will be used to find the password for users". What does this really mean. It seems like the value entered here is appened to the LDAP base DN from the previous question. This is very odd. Then another question is "Enter the object class that contains the attributes for creating the local user account." If I want to use an external LDAP server for authentication, why do I need a local user account? In any case I finally got some searches going to our LDAP server but the BIND always fails and I am positive I am using the correct password for the LDAP user.
Thanks for any help.