# Authentication for GUI users can be set to:
# local, sso, pam, radius, ldap or none
# Append -pass to use the session user (entering pw each time) for device access (e.g. in Devices-Write)
# Add 2nd argument with ldap or radius to assign groups to users which don't exist within NeDi (disabled if empty, minimal access with "usr,")
# Be aware that ldap or radius may have problems with passwords containing language specific special characters
# All groups: net, oth, mgr, dsk, mon, adm, mnt
guiauth ldap usr,net,dsk,oth,mon,mgr,mnt
# Set Ldapserver parameters, if selected above:
# host port rootpw basedn rootdn loginattr Optional_group
ldapsrv ldaps://ldap.acme.com 636
PASSWORD DC=acme,DC=com CN=
USERNAME,OU=users,DC=acme,DC=com cn
GROUPThe
PASSWORD and
USERNAME must be a user who can read the LDAP-directory
GROUP is AD-group filled with user that will be permitted to login to NeDi
"basedn" is set to where users/groups are in the ldap tree, could be close to the root of tree
"rootdn" full ldap path to
USERNAME"guiauth" sets the groups within NeDi the ldap-verified-users will belong to
This is how I
think it works (works for me)
