LDAP Settings Help
 

Authentication Mechanism identifies the binding type used. The card supports simple and Digest MD5 (SASL) mechanisms. For Digest MD5, your DNS server MUST support the reverse lookup on the IP address of your LDAP server.

User Search Bind identifies the binding type used to search for the user. The card supports an anonymous bind, a bind with an accredited user, and a bind with the logon user. When an accredited user is used, the mechanism is the one set in the Authentication Mechanism field.

Search User identifies the user that is used to search for user information during the login step. This attribute is a Distinguished Name when the Authentication Mechanism is set to simple, and a username when the Authentication Mechanism is set to (SASL) Digest MD5.

Search User Password identifies the password of the Search User DN.

LDAP User Pattern identifies a regular expression that maps the login identifier to the correct bind credential. It is used instead of the "Search User". The pattern can have the following syntax: "domain_name\%loginId%" or "%loginId%@domain_name.com".

User Base DN identifies the database entry from which the user search is started.

User Object identifies the LDAP class of the user object.

User Attribute identifies the attribute name where the login identifier is stored.

Authorization Mode identifies the method to use for authorization.

  • None: all authenticated users are authorized.
  • By User Attribute: the authorization credential (UPSAdministrators value) is stored in the Group Name Attribute of the LDAP user.
  • By Group: the authorization credential is stored in LDAP Groups.

Group Name Value identifies the value of the sAMAccountName attribute field configured in the LDAP server. By default this value is configured with "UPSAdministrators".

UPS Group Base DN identifies the database entry from which the UPS group search is started.

Group Name Attribute identifies the attribute name where the UPS group identifier ("UPSAdministrators" value) is stored.

User Name Attribute identifies the attribute name in the object group where the user identifier is stored.
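
The following added example (not taken from the card's firmware or documentation) shows how the fields above could combine during a login: the LDAP User Pattern expands into the bind identity, and the User Object, User Attribute, Group Name Attribute and User Name Attribute form the search filters, with the login identifier escaped so it is always treated as a literal value. The filter shapes, the SETTINGS values and the function names are assumptions made for illustration.

```python
# Added illustration; filter shapes and sample settings are assumptions,
# not the card's documented behaviour.
SETTINGS = {  # constructed sample values
    "user_pattern": "%loginId%@domain_name.com",
    "user_object": "person",
    "user_attribute": "sAMAccountName",
    "group_name_attribute": "sAMAccountName",
    "group_name_value": "UPSAdministrators",
    "user_name_attribute": "member",
}

def escape_filter_value(value):
    """Escape RFC 4515 filter metacharacters so input stays a literal value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def bind_identity(pattern, login_id, password):
    """Expand the LDAP User Pattern into the identity used for the bind."""
    if "%loginId%" not in pattern:
        raise ValueError("pattern must contain %loginId%")
    if not login_id or not password:
        # An empty password on a simple bind is an unauthenticated bind
        # (RFC 4513), which some servers accept; refuse it client-side.
        raise ValueError("empty login or password rejected")
    return pattern.replace("%loginId%", login_id)

def user_filter(s, login_id):
    """Filter locating the user entry under the User Base DN."""
    return "(&(objectClass=%s)(%s=%s))" % (
        s["user_object"], s["user_attribute"], escape_filter_value(login_id))

def group_filter(s, user_id):
    """Filter for the By Group mode: the UPS group that lists this user."""
    return "(&(%s=%s)(%s=%s))" % (
        s["group_name_attribute"], escape_filter_value(s["group_name_value"]),
        s["user_name_attribute"], escape_filter_value(user_id))

if __name__ == "__main__":
    # Constructed inputs: a normal login, then one containing metacharacters.
    print(bind_identity(SETTINGS["user_pattern"], "jdoe", "constructed-pw"))
    print(user_filter(SETTINGS, "ops(night)*"))
    print(group_filter(SETTINGS, "cn=jdoe,ou=People,dc=example,dc=com"))
```
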


This table shows the list of LDAP servers.

Priority identifies the priority order between LDAP servers. The primary is used first; if it is unreachable, the secondary is used.

LDAP Server Name or IP Address identifies the name or the IP address of the server.

Port identifies the remote LDAP server port.