Adding an LDAP Server
If no LDAP servers exist, or Add new LDAP server is chosen, a screen will be presented with the options needed to add a new server. Many of these options depend on the specific LDAP directory configuration and structure. If there is any uncertainty about the settings, consult the LDAP server administrator, software vendor, or documentation.
Name: Descriptive name for this LDAP server, for reference.

Hostname or IP address: The hostname or IP address of the LDAP server.

Port: The port on which the LDAP server may be contacted. The default port is 389 for standard TCP connections, and 636 for SSL.

Transport: This can be set to TCP – Standard for unencrypted connections, or SSL – Encrypted for secure connections. A standard connection may be sufficient at least for local servers or initial testing. If the server is remote or crosses any untrusted network links, SSL is a more secure choice. If SSL is to be used, the CA Certificate from the LDAP server must be imported into AZTCO-FW, and the Hostname or IP address above must match the value in the Common Name field of the server certificate.

Search Scope Level: Selects how deep to search in the LDAP directory, One Level or Entire Subtree. Most commonly, Entire Subtree is the correct choice.

Search Scope Base DN: The Distinguished Name upon which the search will be based. For example DC=example,DC=com

Authentication Containers: These values specify where in the directory that users are found. For example, it may be CN=Users;DC=example.

LDAP Bind User DN: The Distinguished Name for a user that can be used to bind to the LDAP server and perform authentication. If this is left blank, an anonymous bind will be performed, and the password setting below will be ignored.

LDAP Bind Password: The password to be used with the LDAP Bind User DN.

User Naming Attribute: Varies depending on the LDAP directory software and structure. Typically cn for OpenLDAP and Novell eDirectory, and samAccountName for Microsoft Active Directory.

Group Naming Attribute: Varies depending on the LDAP directory software and structure, but is most typically cn.

Member Naming Attribute: Varies depending on the LDAP directory software and structure. Typically member on OpenLDAP, memberOf on Microsoft Active Directory, and uniqueMember on Novell eDirectory.
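The following Python helper is an added example, not AZTCO-FW code, that shows how the fields above fit together when an authentication attempt is processed: the Transport and Port choices decide the URL, the Hostname must match the certificate Common Name when SSL is used, each Authentication Container becomes one search under the chosen scope, the User Naming Attribute forms the search filter (with RFC 4515 escaping so a typed username cannot alter the filter), and the Member Naming Attribute decides whether group membership is read from the user entry (memberOf) or from the group entry (member, uniqueMember). The semicolon-separated container list, the simplified wildcard Common Name rule, and all sample DNs are assumptions constructed for the example.

```python
"""Hypothetical helper (added example, not part of AZTCO-FW) that turns the
Add LDAP Server fields into the bind target, the per-container user searches
and the group-membership lookup a connector would perform."""

# RFC 4516 scope tokens for the two Search Scope Level choices.
SCOPES = {"One Level": "one", "Entire Subtree": "sub"}
# Defaults named in the Port field: 389 for TCP, 636 for SSL.
DEFAULT_PORTS = {"TCP - Standard": 389, "SSL - Encrypted": 636}


def ldap_url(hostname, transport, port=None):
    """Build the URL to open; ldaps and 636 only when SSL - Encrypted is chosen."""
    scheme = "ldaps" if transport == "SSL - Encrypted" else "ldap"
    return f"{scheme}://{hostname}:{port or DEFAULT_PORTS[transport]}"


def hostname_matches_cn(hostname, common_name):
    """Check the configured Hostname against the certificate Common Name.

    Assumed rule: case-insensitive exact match, or a single leftmost wildcard
    label such as *.example.com. An IP address never matches a DNS name CN."""
    host, cn = hostname.lower(), common_name.lower()
    if cn.startswith("*."):
        labels = host.split(".")
        return len(labels) > 1 and ".".join(labels[1:]) == cn[2:]
    return host == cn


def escape_filter_value(value):
    """RFC 4515 escaping: a username such as a*)(b stays a literal value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def user_searches(containers, scope, user_attr, username):
    """One (base DN, scope, filter) triple per Authentication Container.

    Containers are assumed to be separated by ';' as in the field's example."""
    bases = [c.strip() for c in containers.split(";") if c.strip()]
    filt = f"({user_attr}={escape_filter_value(username)})"
    return [(base, SCOPES[scope], filt) for base in bases]


def group_lookup(member_attr, group_attr, group_name, user_dn):
    """Where membership is checked depends on the Member Naming Attribute.

    memberOf (Active Directory) is read from the user's own entry, whereas
    member (OpenLDAP) and uniqueMember (eDirectory) are searched on the group."""
    if member_attr == "memberOf":
        return {"read_from": "user", "dn": user_dn, "attribute": member_attr}
    filt = (f"(&({group_attr}={escape_filter_value(group_name)})"
            f"({member_attr}={escape_filter_value(user_dn)}))")
    return {"read_from": "group", "filter": filt}


if __name__ == "__main__":
    # Constructed sample settings mirroring the fields above.
    print(ldap_url("ldap.example.com", "SSL - Encrypted"))
    print(hostname_matches_cn("ldap.example.com", "*.example.com"))
    for base, scope, filt in user_searches(
            "CN=Users,DC=example,DC=com;OU=Staff,DC=example,DC=com",
            "Entire Subtree", "samAccountName", "al*ice"):
        print(base, scope, filt)
    print(group_lookup("member", "cn", "admins",
                       "uid=alice,ou=people,dc=example,dc=com"))
```

The escaping step is the part worth copying: without it, a username containing `*` or `)` changes the meaning of the search filter built from the User Naming Attribute, which is the root of LDAP filter injection.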