LDAP Server Configuration
To add users from Windows Active Directory to User Manager, you need to configure a new LDAP Server connection. The New LDAP Server includes the following settings for connecting to the server.
Type
|
Active Directory
This is not configurable; Windows Active Directory is the only LDAP directory supported in version 8.1.
|
Domain Name
|
The authentication domain name. This must be the name of the domain to which users authenticate. In the login mydomain\myusername, the authentication domain name is mydomain.
If users include a domain name when they log in, it must match the Domain Name you specify here.
Users can also log in without including the domain name. User Manager will search the domains for a match of the UserID and password provided. When no domain name is included, a UserID for a different domain could match and allow login if the passwords for both accounts are the same.
|
Server
|
LDAP Server address
This can be a specific server name (myserver.mydomain.com), an IP address (10.10.123.123), or the domain address (mydomain.com).
|
Port
|
Port used by the LDAP server.
3268 is the default, and is standard for non-secure connections (LDAP) to the Active Directory global catalog.
3269 is the default for secure connections (LDAPS) to the Active Directory global catalog.
Use of a global catalog port is recommended for better performance. For connections that do not use the global catalog, the following ports are standard:
389 is standard for non-secure connections.
636 is standard for secure connections.
|
UserID
|
Name of a user who has read access to this LDAP directory. You must include the user's domain. For example:
mydomain\user
user@mydomain
user@mydomain.com
|
Password
|
The LDAP user's password.
|
Base DN
|
The base DN under which users are located.
For example:
OU=Users,DC=mydomain,DC=com
|
LDAP Filter
|
(Optional) Limits the list of users added to User Manager to those included in the specified filter. If no filter is specified, all users in the specified Base DN are added.
Use standard LDAP filter syntax. This example retrieves users in the group myGroup:
(&(objectCategory=user)(memberOf=CN=myGroup,OU=Users,DC=mydomain,DC=com))
|
Secure Connection
|
Select this option to connect to the server using LDAP over SSL (LDAPS).
To make a successful secure connection, you must enable Secure Connection, provide the correct Port for LDAPS connections to this server (the port changes to 3269 by default), and use Add Certificate to browse to the certificate for this server. After you retrieve a certificate, information about that certificate will be displayed on the page.
|
|
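The settings above depend on each other (Port, Secure Connection, certificate, UserID format), so a connection can be reviewed before it is saved. The following is an added example, not part of the product or its documentation; the function name, the dictionary keys and the sample values are hypothetical and constructed for illustration.

```python
import re

# Standard ports listed on this page, mapped to (secure, global_catalog).
PORTS = {3268: (False, True), 3269: (True, True),
         389: (False, False), 636: (True, False)}
# UserID forms the page accepts: mydomain\user, user@mydomain, user@mydomain.com
USERID_RE = re.compile(r"^(?:[^\\@\s]+\\[^\\@\s]+|[^\\@\s]+@[^\\@\s]+)$")
# Loose shape check for a DN of attr=value components (not a full RFC 4514 parser).
DN_RE = re.compile(r"^\s*\w+=[^,]+(?:\s*,\s*\w+=[^,]+)*\s*$")

def review_ldap_settings(cfg):
    """Return a list of findings for one LDAP server connection (hypothetical keys)."""
    findings = []
    port, secure = cfg["port"], cfg["secure_connection"]
    known = PORTS.get(port)
    if known is None:
        findings.append(f"port {port} is not one of the standard ports 3268/3269/389/636")
    elif known[0] != secure:
        findings.append(f"port {port} does not match Secure Connection={secure}")
    if not secure:
        findings.append("Secure Connection is off: the connection is not protected by LDAPS")
    elif not cfg.get("certificate"):
        findings.append("Secure Connection is on but no certificate has been added")
    if known and not known[1]:
        findings.append(f"port {port} is not a global catalog port (3268/3269 recommended)")
    if not USERID_RE.match(cfg["user_id"]):
        findings.append("UserID must include the domain, e.g. mydomain\\user or user@mydomain")
    if not DN_RE.match(cfg["base_dn"]):
        findings.append("Base DN is not a comma-separated list of attr=value components")
    flt = cfg.get("ldap_filter", "")
    if flt and (not flt.startswith("(") or flt.count("(") != flt.count(")")):
        findings.append("LDAP Filter has unbalanced or missing parentheses")
    return findings

# Constructed sample connections (not taken from a real deployment).
GOOD = {"port": 3269, "secure_connection": True, "certificate": "server.cer",
        "user_id": "mydomain\\svc_ldap", "base_dn": "OU=Users,DC=mydomain,DC=com",
        "ldap_filter": "(&(objectCategory=user)"
                       "(memberOf=CN=myGroup,OU=Users,DC=mydomain,DC=com))"}
BAD = {"port": 389, "secure_connection": True, "certificate": None,
       "user_id": "svc_ldap", "base_dn": "Users",
       "ldap_filter": "(&(objectCategory=user)"}

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, review_ldap_settings(cfg))
```
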