Create an LDAP domain

When you create a domain, you must give it a name and specify at least one LDAP server.

  1. Select Authentication > LDAP Domains.
  2. The LDAP Domains page is displayed.
  3. Click New Domain.
  4. The New LDAP Domain page is displayed.
  5. Note The Address Book Settings pane is only displayed if the Address Book feature is enabled (the value of the AddressBook.Enabled configuration option is set to true). For information on defining Address Book settings for a domain, refer to Define Address Book settings for a domain. For information on the Address Book LDAP source, refer to LDAP source.
  6. Type a Domain Name. The user must specify this name in the login name, domain_name/user_name, to select this domain if it is not configured as a default domain on LDAP Domains page.
  7. Type a Description for your use.
  8. Under LDAP Servers, click New Server.
  9. A line is added to the Servers List.
  10. In the Server field, type the host name or IP address of the LDAP server.
  11. In the Port field type the LDAP port number for the server. The default is 389.
  12. To test the connection to the LDAP server, click the icon in the column after the Server column.
  13. Click the Save icon (Save) in the Edit column.
  14. Add backup LDAP servers, if any, to the Servers List.
  15. To change the order SecureTransport tries the servers, click Reorder, update the numbers in the Order column, and click Save.
  16. Under LDAP Servers, complete the following fields:
  17. Field Description Valid values and notes
    Protocol Version Select the LDAP protocol version. 2 or 3
    Encryption Enable Secure LDAP, also know as LDAP over SSL or LDAPS. None, TLS, or StartTLS (for LDAP protocol 3 )
    Verify Certificate Chain Configure whether SecureTransport implicitly trusts the LDAP servers in this domain or verifies the LDAP server certificates. See Create an LDAP domain.
    Enable LDAP Referrals Configure whether SecureTransport allows the LDAP server to refer a request to another LDAP server. This option is required when the LDAP directory tree is distributed over a group of servers.
    Enable Anonymous Binds Configure whether SecureTransport uses a Bind DN to access to the LDAP server.

    You can select this option when LDAP servers supports anonymous binding.

    If this option is not selected, the Bind DN field is required.
    Bind DN Type the distinguished name of a user who is allowed access to the LDAP directory for user lookups.

    For authorization purposes, this field is case sensitive.

    If Enable Anonymous Binds is not selected, this field is required.
    Use Bind DN Password If a password is required to bind to the directory service on the LDAP server, select Use Password and enter the password in the fields provided.  
    LDAP Common Case

    Configure whether and how SecureTransport changes the case of the user name it receives from the LDAP database.

    None, Lower, or Upper.

    If the value is Lower or Upper, SecureTransport maps the case of all letters in the user name to the case you specify.
  18. Click Save.

For information on the Address Book LDAP source, refer to LDAP source.

Related topics:

Related Links