4.4.5 Group Mapping
AD Groups
The «Distinguished Name» (DN) f an AD group is displayed in the active directory under «Attributes». To see this, «Advanced view» must be selected under «View» . Then, the «Distinguished Name» can be viewed under «Properties» > «Attribute Editor». Double click the DN to copy it to the clipboard.
Figure 8: Distinguished Name im Active Directory
In the AGW under «System Config», give the group a name of your choice followed by a colon and space (e.g. «mygroup1: ». Then enter the DN. One entry can be made per line. The name set for the group must then be shared with HIN.
Figure 9: AD Group Mapping
Organizational unit (OU)
To store OUs, you will need the full «Distinguished Name». However, this does not necessarily need to be entered in the AGW.
Please contact HIN to store the corresponding HIN IDs. If a user belongs to multiple defined groups, use the first group that was stored in HIN. Permissions are not inherited by HIN IDs mapped to AD accounts.
Monitoring
The public SNMP community string can be used to retrieve standard MIBs from Ubuntu. The syslog option sends log information to a syslog server.