You will use the netscaler configuration utility gui

  • No School
  • AA 1
  • BaronMolePerson3391
  • 198
  • 100% (5) 5 out of 5 people found this document helpful

This preview shows page 137 - 139 out of 198 pages.

system groups and managing delegated administrator rights using group extraction. You will use the NetScaler Configuration Utility GUI to perform this exercise. In this exercise, you will perform the following tasks: Integrate External Authentication with NetScaler System Access using LDAP policies. Manage permissions using Group Extraction. Step Action 1. Connect to the NetScaler HA Pair Configuration Utility using the NSMGMT SNIP at . Log on to the utility using the following credentials: User Name: nsroot Password: nsroot 2. Create system groups that correspond to the Groups in Active Directory. Group names are case- sensitive on the NetScaler. Browse to System > User Administration > Groups . Click Add . 3. Create System Group Training_NSAdmins with superuser permissions. Enter Training_NSAdmins in the Group Name box. Click Bind under Command Policies . Select superuser to make it active and click Insert . Click Create . 4. Create System Group Training_NSOperators with operator permissions. Click Add to add a new system group. Enter Training_NSOperators in the Group Name box. Click Bind under Command Policies . Select operator to make it active and click Insert . Click Create . 5. Create an Authentication Action for external authentication using LDAP: Browse to System > Authentication > Basic Policies . Right-click and select Enable Feature . Click LDAP . Click the Servers tab. Click Add . The Create Authentication LDAP Server (action) dialog box opens.
138 6. Configure the authentication LDAP action with the following settings: Name : auth_ldap_srv Select Server IP IP Address : 172.21.10.103 (This is the VIP for lb_vsrv_ldap.) Port : 389 Server Type : AD Connection Settings: Base DN : dc=training,dc=lab Administrator Bind DN : [email protected] Administrator Password and Confirm Password : Password1 Click Test Connection Other Settings: Server Logon Name Attribute : sAMAccountName Group Attribute : memberOf Sub Attribute Name : cn Click Create . 7. Create an Authentication Policy for LDAP authentication: Click the Policies tab. Click Add . Enter auth_ldap_policy in the Name box. Select auth_ldap_srv from the Server drop-down list. Enter ns_true in the Expression box. (Authentication policies use classic policy expression syntax.) Click Create . Click OK on the warning. 8. Bind the policy to the system global object for system authentication: Click Global Bindings . Click Click to Select under Policy Binding . Select auth_ldap_policy and click Select . Click Bind . Click Done . The LDAP policy is now bound to the System Global object. Access to management IP addresses on the NetScaler (NSIP and management enabled SNIPs) will attempt to authenticate using the bound LDAP policy. However, system access will still fall through to local accounts if the authentication policy fails. (The superuser and other local accounts are still active.) 9. Save the NetScaler Configuration and confirm.

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture