This document will explain how to set up user access management for a VTrak Ex30 subsystem.
It is assumed that you have a functional MS Active Directory domain configured and administrative access to the domain controller.
Begin by logging in to the Vtrak's management interface GUI as administrator.
Select the Administration tab at the top-right, and select the User Management option.
Click the LDAP Settings button.
Here is an example using a domain called dixdomain.local.
Set the Base DN appropriately for your domain.
Set the Server Type for Windows Active Directory, and enter the LDAP server IP address.
You can use the Anonymous Bind option, but if your server does not support that you will have to create a dummy domain user for access.
Dummy Domain User
From the Server Manager, go to the Active Directory Users and Computers panel.
Add a New User and name it appropriately – this example uses VTrak LDAP.
Make it a member of Domain Users.
Use the Test button on the VTrak LDAP Settings page to verify the connection.
LDAP Role Mapping
Creating Security Groups and Adding Members
If your domain contains many users, and you want to easily control who has access to the VTrak and what privileges they have, you can create some security groups, then selectively edits users, giving them membership in the appropriate group.
For example, our domain has two users name 'dick' and 'dickey', and we want the first to have administrative – or Super – privileges, and the second to have only maintenance privileges.
From the Active Directory Users and Computers panel, create two new Security Groups – VTrakAdmin and VTrakMaint. They do not have to be members of any domain groups.
Now you can edit the two users, making them a member of the appropriate group.
'dick' is now a member of Group 'VTrakAdmin' and 'dickey' is now a member of Group 'VTrakMaint'.
Creating the LDAP Roles
From the LDAP Settings page click the Role Mapping button, and then the Add Role Mapping button.
Click the LDAP Role drop-down menu and scroll to the bottom. If you have configured the LDAP settings correctly – and the Test succeeded – you will see that the two new Security Groups we added are now visible. Select VTrakAdmin.
From the Subsystem Privilege drop-down, select the Super option.
Click the Submit button.
Repeat the process for the VTrakMaint role, giving it Maintenance privileges, then Submit.
Now they should be added to the LDAP-Role to Subsystem-Privilege Mapping table.
Test User Access
Now you can test the VTrak subsystem privileges each user has.
First, log in to the VTrak management GUI as the user 'dick'.
Click on the Administration tab and note that all of the options are available to this user.
Log out and log back in as the user 'dickey'.
Click on the Administration tab.
Note that not all of the Administration options are available for this user’s privilege level.
