| Field | Description |
|---|---|
| IP Address/Hostname | IP address or hostname of your LDAP/LDAPS server. |
| Copy Settings from Existing LDAP Server | |
| Type of LDAP Server | Select one of the following options: |
| Security | Determine whether you want to use Transport Layer Security (TLS) encryption, which allows the HPDU to communicate securely with the LDAPS server. Options: |
| Port (None/StartTLS) | The default port is 389. Use the standard LDAP TCP port or specify a different port. |
| Port (TLS) | Configurable only when TLS is selected in the Security field. The default is 636. Use the default port or specify a different port. |
| Enable Verification of LDAP Server Certificate | Select this option to have the HPDU validate the LDAP server certificate before the connection. If the certificate validation fails, the connection is refused. |
| CA Certificate | Consult with your AA server administrator to get the CA certificate file for the LDAPS server. Click Browse, and select and install the certificate file. |
| Allow Expired and Not Yet Valid Certificates | Select this option to make the authentication succeed regardless of the certificate validity period. If you deselect this option, the authentication fails whenever any certificate in the selected certificate chain is outdated or not valid yet. |
| Anonymous Bind | Enables or disables anonymous bind. When a Bind DN and password are required to bind to the external LDAP/LDAPS server, deselect this option. |
| Bind DN | Required after deselecting the Anonymous Bind option. Distinguished Name (DN) of the user who is permitted to search the LDAP directory in the defined search base. |
| Bind Password, Confirm Bind Password | Required after deselecting the Anonymous Bind option. Enter the Bind password. |
| Base DN for Search | Distinguished Name (DN) of the search base, which is the starting point of the LDAP search. |
| Login Name Attribute | Attribute of the LDAP user class which is the login name. Usually it is the uid. |
| User Entry Object Class | Object class for user entries. Usually it is inetOrgPerson. |
| User Search Subfilter | Search criteria for finding LDAP user objects in the directory tree. |
| Active Directory Domain | Active Directory Domain name. Example: testradius.com. |
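The settings above interact: the bind password is only protected when the Security field selects encryption, and encryption only authenticates the server when certificate verification is on and the validity period is enforced. The following lint is an added example, not part of the HPDU documentation or firmware; the `LdapSettings` layout, the finding codes, and the sample hostnames and DNs are assumptions made for illustration.

```python
# Added example: lint one LDAP server entry built from the fields in the table.
# The LdapSettings layout and the finding codes are assumptions, not HPDU names.
from dataclasses import dataclass

@dataclass
class LdapSettings:
    host: str
    security: str = "None"            # "None", "StartTLS" or "TLS"
    verify_certificate: bool = False  # Enable Verification of LDAP Server Certificate
    ca_certificate: str = ""          # installed CA certificate file
    allow_expired: bool = False       # Allow Expired and Not Yet Valid Certificates
    anonymous_bind: bool = True
    bind_dn: str = ""

def audit(s: LdapSettings) -> list:
    """Return (code, message) findings; an empty list means nothing was flagged."""
    findings = []
    if s.security not in ("StartTLS", "TLS"):
        findings.append(("no-encryption",
                         "LDAP traffic, including any bind password, is sent unencrypted"))
    elif not s.verify_certificate:
        findings.append(("cert-unverified",
                         "encrypted, but the server certificate is never validated"))
    if s.verify_certificate and not s.ca_certificate:
        findings.append(("ca-missing",
                         "verification is enabled but no CA certificate is installed"))
    if s.allow_expired:
        findings.append(("validity-ignored",
                         "expired or not yet valid certificates are accepted"))
    if not s.anonymous_bind and not s.bind_dn:
        findings.append(("bind-dn-missing",
                         "Anonymous Bind is deselected but no Bind DN is set"))
    return findings

# Constructed sample entries (hostnames and DNs are made up).
WEAK = LdapSettings(host="ldap.example.test", security="None",
                    allow_expired=True, anonymous_bind=False)
HARDENED = LdapSettings(host="ldap.example.test", security="TLS",
                        verify_certificate=True, ca_certificate="ldap-ca.pem",
                        anonymous_bind=False,
                        bind_dn="cn=pdu-lookup,dc=example,dc=test")

if __name__ == "__main__":
    for name, entry in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, [code for code, _ in audit(entry)] or "no findings")
```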