LDAP / E-Directory Settings
From the Lightweight Directory Access Protocol (LDAP) / E-Directory Settings page you need an LDAP or E-
directory server on your network to authenticate IPMIusers. This is done by passing login requests to your
LDAP server and helps to keep authentication centralized and avoid the need to create and update users in
multiple locations.
Important: The LDAP feature will not work with any version of Windows Server implementations of
LDAP/AD. If possible, please use an implementation of LDAP/AD other than Windows Server.
Setting Up LDAP / E-Directory Authentication
1. Navigate to Settings > External User Settings > LDAP/E-Directory Settings > General Settings.
2. Check the Enable LDAP/E-Directory Authentication box to enable this option.
3. Select the Encryption Type to use when communicating with the LDAP server. If SSL is selected,
make sure to use the correct port number.
4. Select IPAddress as the Common Name Type.
5. Enter the IPaddress of the LDAP server in the Server Address field. The IPMI module supports both
IPv4 and IPv6 address formats.
6. If you are using the StartTLS encryption type with FQDN, enter the FQDN address.
7. Enter the LDAP port number in the Port field.
The default port is 389. For SSLconnections the default port is 636. The port value ranges from 1 to
65535.
8. Enter the Bind DN that is used during the binding operation. This authenticates the client to the server.
The Bind DN is a string of 4-64 alpha-numeric characters and it must start with an alphabetic character.
Special characters such as .,-_= are allowed in positions other than the starting character.
9. Enter the Password.
The password must be between 1-48 characters. White space is not supported.
10. Enter the Search Base. The search base defines which part of the external directory tree to be
searched on the LDAP server. The search base may be something equivalent to the organization or
group in the external directory.
The Search Base is a string of 4-64 alpha-numeric characters and it must start with an alphabetic
character. Special characters such as .,-_= are allowed in positions other than the starting character.
11. Use the Attribute of User Login drop-down menu to select the attribute that should be used by the
LDAP/E-directory server to identify the user. The cn and uid attributes are supported by the IPMI
module.
12. Click Save to save the settings.
LDAP / E-Directory Settings 19
To Next Page
Loading...
Need help?
General
