Layer7 API Management

  • 1.  What's the role of Appliance user authenticated with LDAP

    Broadcom Employee
    Posted Jul 26, 2017 04:21 AM

    Hi,

     

    If I enable Gateway Appliance authentication with LDAP, which means I can login the Appliance with user from LDAP. What's the role of this user in Appliance once login? Can we do some role/group mapping from LDAP to Appliance user?

     

    Thanks

    Yang



  • 2.  Re: What's the role of Appliance user authenticated with LDAP
    Best Answer

    Broadcom Employee
    Posted Jul 26, 2017 02:57 PM

    Hi Yang,

     

    If you configure the gateway appliance for direct login via ssh with ldap

    credentials you will just be presented with the ssgconfig menu

    once logged in where you can then administer the gateway.

     

    You would not gain a user prompt or root prompt for instance.

     

    Let us know if that helps answer your question or if anything further comes up.

     

    Thanks,

    Daren



  • 3.  Re: What's the role of Appliance user authenticated with LDAP

    Broadcom Employee
    Posted Jul 26, 2017 10:08 PM

    Hi Daren,

     

    That's the answer I'm looking. Thanks.

     

    Yang



  • 4.  Re: What's the role of Appliance user authenticated with LDAP

    Posted Sep 01, 2017 05:38 PM

    I would like to use an ldap server to authenticate SSH access but the setup on the gateway just does not make sense to me and I cant get it to work.  For example, one of the questions asked is "Which object in the LDAP will be used to find the password for users".  What does this really mean.  It seems like the value entered here is appened to the LDAP base DN from the previous question.  This is very odd.  Then another question is "Enter the object class that contains the attributes for creating the local user account."  If I want to use an external LDAP server for authentication, why do I need a local user account?    In any case I finally got some searches going to our LDAP server but the BIND always fails and I am positive I am using the correct password for the LDAP user. 

     

    Thanks for any help.

    Brent