How do you configure the Digital Sentry/DS ControlPoint software to use LDAP (Windows) authentication?

Issue

Cannot connect to a DigitalSentry system with DS ControlPoint set to Windows Authentication.

Product Line

Pelco Video Management

Environment

  • DSSRV
  • DSNVS
  • DS ControlPoint

Cause

LDAP (Windows) authentication is not configured on the Digital Sentry system.

Resolution

Configuring LDAP (Windows) authentication on a Digital Sentry system.

Note:
Installations with DS NVs need to be logged in with a local Administrator account. When testing the DS ControlPoint connection, make sure to use a client machine and not run the test on the server itself.  DS ControlPoint using Windows Authentication will not properly display the correct user access when run on the server.
 

  1. Launch DS Quick Setup on the Digital Sentry server.

     
  2. Click NextTools button > Windows Authentication Setup.



     
  3. This will launch the DS-ADConfig window

     
  4. Verify Use Current Credentials is checked and click Ok.



     
  5. Click Add



     
  6. Provide a name for the group in the Group Name field.

     
  7. Enter a group description in the Description field.

     
  8. Check the active box for the desired roles under Role Name column and click Ok.



     
  9. Click Apply in DS-ADConfig window. You will see Success! - Show Log if it is successful.



     
  10. Click Close.

     
  11. DS Quick Setup wizard will still be open. Click Cancel then click Yes on the (Are you sure?) window that comes up.

     
  12. The groups created using DS-ADConfig will now be present in the Computer Management > Local Users and Groups > Groups folder.
    Add the Windows users which will be connecting using DS ControlPoint to the created groups.
    • Workgroup = A user added to the DS-ADConfig created group on the recorder must also be created locally on each PC running DS ControlPoint
      • Changes to user group membership do not take effect until the next time that user logs in; therefore, if a user is logged in at a remote client PC at the time their user is added to the newly created group, that user must close all applications, log out, then log back in so DS ControlPoint can properly connect.
    • Domain = The general configuration is to add a domain user group to the local DS-ADConfig created group on the recorder, then simply add/remove users to the domain group which will also apply to the DS-ADConfig group.

       
  13. Last step is to check the Windows Auth box when adding system in ControlPoint on the client PC. For info on adding a system in ControlPoint click on the following article Configure DS ControlPoint Client to connect to a Digital Sentry Series, DVX (Master Control) or DX Series recorder?