Oracle® ZFS Storage Appliance Administration Guide, Release OS8.7.0

Updated: July 2017

LDAP Configuration

Lightweight Directory Access Protocol (LDAP) is a directory service for centralizing management of users, groups, hostnames, and other resources (called objects). This service on the appliance acts as an LDAP client so that:

  • LDAP users can log in to the FTP and HTTP services.

  • LDAP user names (instead of numerical IDs) can be used to configure root directory ACLs on a share.

  • LDAP users can be granted privileges for appliance administration. The appliance supplements LDAP information with its own privilege settings.

The following apply to LDAP server certificates:

  • The LDAP server's certificate can be self-signed.

  • You cannot supply a list of trusted CA certificates; each certificate must be individually accepted by the appliance administrator.

  • When an LDAP server's certificate expires, you must delete the server from the list and then add it again to accept its new certificate.


Note - UIDs from 0-99 inclusive are reserved by the operating system vendor for use in future applications. Their use by end system users or vendors of layered products is not supported and can cause security issues with other applications.
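One way to check a directory against the reserved range before pointing the appliance at it is to scan an LDIF export for accounts whose UID falls in 0-99. The following is an added example, not part of the Oracle guide or the appliance software; it assumes the directory uses the RFC 2307 `uid` and `uidNumber` attributes, and the function names and sample entries are constructed for illustration.

```python
import base64

RESERVED_UIDS = range(0, 100)  # 0-99 inclusive, as stated in the note
SAMPLE_LDIF = """\
# Constructed sample export, not from a real directory.
dn: uid=alice,ou=people,dc=example,dc=com
uid: alice
uidNumber: 1001

dn: uid=backup,ou=people,dc=example,dc=com
uid: backup
uidNumber: 34

dn: uid=svc-report,ou=people,
 dc=example,dc=com
uid:: c3ZjLXJlcG9ydA==
uidNumber: 99
"""

def parse_ldif(text):
    """Yield one dict per LDIF entry: lowercased attribute -> list of values."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # folded line continues the previous one
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entry = {}
    for line in lines + [""]:               # trailing "" flushes the last entry
        if not line.strip():
            if entry:
                yield entry
            entry = {}
            continue
        if line.startswith("#"):
            continue
        name, _, rest = line.partition(":")
        is_b64 = rest.startswith(":")       # "attr:: <base64 value>"
        value = base64.b64decode(rest[1:].strip()).decode() if is_b64 else rest.strip()
        entry.setdefault(name.lower(), []).append(value)

def reserved_uid_entries(text):
    """Return (dn, uid, uidNumber) for every entry whose uidNumber is 0-99."""
    hits = []
    for e in parse_ldif(text):
        for num in e.get("uidnumber", []):
            if num.isascii() and num.isdigit() and int(num) in RESERVED_UIDS:
                hits.append((e.get("dn", ["?"])[0], e.get("uid", ["?"])[0], int(num)))
    return hits
```

Calling `reserved_uid_entries()` on the text of an export returns the entries to renumber or exclude; the sample flags `backup` (34) and `svc-report` (99) but not `alice` (1001).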

To configure LDAP, see the following sections: