User authentication LDAP
IX30 User Guide
740
b. For Hostname, type the hostname or IP address of the LDAP server.
c. (Optional) Change the default Port setting to the appropriate port. Normally this should
be left at the default setting of port 389 for non-TLS and 636 for TLS.
d. (Optional) Click again to add additional LDAP servers.
5. (Optional) Enable Authoritative to prevent other authentication methods from being
attempted if LDAP login fails.
6. For TLS connection, select the type of TLS connection used by the server:
n
Disable TLS: Uses a non-secure TCP connection on the LDAP standard port, 389.
n
Enable TLS: Uses an SSL/TLS encrypted connection on port 636.
n
Start TLS: Makes a non-secure TCP connection to the LDAP server on port 389, then
sends a request to upgrade the connection to a secure TLS connection. This is the
preferred method for LDAP.
7. If Enable TLS or Start TLS are selected for TLS connection:
n
Leave Verify server certificate at the default setting of enabled to verify the server
certificate with a known Certificate Authority.
n
Disable Verify server certificate if the server is using a self-signed certificate.
8. (Optional) For Server login, type a distinguished name (DN) that is used to bind to the LDAP
server and search for users, for example cn=user,dc=example,dc=com. Leave this field blank
if the server allows anonymous connections.
9. (Optional) For Server password, type the password used to log into the LDAP server. Leave
this field blank if the server allows anonymous connections.
10. For User search base, type the distinguished name (DN) on the server to search for users. This
can be the root of the directory tree (for example, dc=example,dc=com) or a sub-tree (for
example. ou=People,dc=example,dc=com).
11. For Login attribute, enter the user attribute containing the login of the authenticated user. For
example, in the LDAP user configuration, the login attribute is uid. If this attribute is not set,
the user will be denied access.
12. (Optional) For Group attribute, type the name of the user attribute that contains the list of
IX30 authentication groups that the authenticated user has access to. See LDAP user
configuration for further information about the group attribute.
13. For Timeout, type or select the amount of time in seconds to wait for the LDAP server to
respond. Allowed value is between 3 and 60 seconds.
14. Add LDAP to the authentication methods:
a. Click Authentication > Methods.
b. For Add method, click .
To Next Page
Loading...
Need help?
General
