Configuring general LDAP settings

  1. On the LDAP/E-Directory Settings page, click General Settings.

  2. Select or clear the Enable LDAP/E-Directory Authentication check box to enable or disable LDAP/E-Directory authentication.

    Note

    All the other fields can be set only after Enable LDAP/E-Directory Authentication is selected.

  3. Select the encryption type for LDAP/E-Directory in the Encryption Type field.
    Note

    Configure a proper port number if SSL is enabled.

  4. Select the Common Name Type as IP Address.

  5. Enter the IP address of the LDAP/E-Directory server in the Server Address field.
    Note
    • IPv4 and IPv6 address formats are supported.

    • Configure a fully qualified domain name (FQDN) address when using StartTLS with FQDN.

  6. Specify the LDAP/E-Directory port in the Port field.
    Note
    • The default port number is 389. For SSL connections, the default port number is 636.

    • The value of Port ranges from 1 to 65535.

    • Port 80 is blocked for TCP and UDP protocols.

  7. Specify the Binding Method that is used during bind operations.
    Note
    • Pre-configured Credential keeps the Bind DN and password that are used to authenticate the client to the server.

    • Login Credential requires the client to enter the Bind DN and password at run time.

  8. Enter the password in the Password field. This password is also used in the bind authentication operation between the client and server.
    Note
    • A password must contain 1 to 48 characters.

    • White space is not allowed.

  9. Enter the Search Base. The search base tells the LDAP/E-Directory server which part of the external directory tree is to be searched. This search base may be equivalent to the organization or the group of the external directory.
    Note
    • Search Base is a string of 4 to 64 alphanumeric characters that must start with an alphabetical character.

    • Special symbols such as dot (.), comma (,), hyphen (-), underscore (_), and equal-to (=) are allowed.

    • Example: ou=login,dc=domain,dc=com

  10. Select the Attribute of User Login to tell the LDAP/E-Directory server which attribute should be used to identify the user.
    Note

    Only cn or uid is supported.

  11. Select the CA Certificate File, which contains the trusted CA certificates.

  12. Select Certificate File to locate the client certificate file.

  13. Select Private Key to locate the client private key file.
    Note

    All three files are required when StartTLS is enabled.

  14. Click Save to save the settings.
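
The limits in the notes above can be checked before a configuration is entered on many systems. The following pre-flight check is an added example, not part of the product or its documentation; the dictionary keys and the encryption values `none`, `ssl` and `starttls` are assumptions chosen for this example.

```python
import re

# Added example. Key names and the encryption values "none"/"ssl"/"starttls"
# are assumptions; the limits themselves come from the notes in the procedure.
SEARCH_BASE_RE = re.compile(r"[A-Za-z][A-Za-z0-9.,\-_=]{3,63}")

def check_ldap_settings(s):
    """Return (errors, warnings) for a proposed LDAP/E-Directory settings dict."""
    errors, warnings = [], []
    enc = s.get("encryption", "none")
    port = s.get("port", 636 if enc == "ssl" else 389)  # documented defaults
    if not isinstance(port, int) or not 1 <= port <= 65535:
        errors.append("port must be in the range 1 to 65535")
    elif port == 80:
        errors.append("port 80 is blocked")
    elif enc == "ssl" and port == 389:
        warnings.append("SSL selected but port is the non-SSL default 389")
    pw = s.get("password")
    if pw is not None:
        if not 1 <= len(pw) <= 48:
            errors.append("password must contain 1 to 48 characters")
        if any(c.isspace() for c in pw):
            errors.append("password must not contain white space")
    if not SEARCH_BASE_RE.fullmatch(s.get("search_base", "")):
        errors.append("search base must be 4 to 64 characters, start with "
                      "a letter, and use only letters, digits and . , - _ =")
    if s.get("login_attribute") not in ("cn", "uid"):
        errors.append("attribute of user login must be cn or uid")
    if enc == "starttls":
        # The CA certificate, client certificate and private key are all required.
        for key in ("ca_cert", "client_cert", "private_key"):
            if not s.get(key):
                errors.append("StartTLS requires " + key)
    if enc == "none":
        warnings.append("no encryption: the bind password is sent in clear text")
    return errors, warnings

if __name__ == "__main__":
    # Constructed sample values, not taken from a real system.
    sample = {"encryption": "starttls", "port": 389, "password": "Example-Pass1",
              "search_base": "ou=login,dc=domain,dc=com", "login_attribute": "uid",
              "ca_cert": "ca.pem", "client_cert": "client.pem",
              "private_key": "client.key"}
    print(check_ldap_settings(sample))
```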