2.4.1 LDAP Authentication

To view LDAP Authentication, from Remote Servers, click LDAP Authentication.

The following information is necessary to configure the authentication of LDAP servers. This includes server fields and procedures for configuring, updating, viewing, and deleting server information.

Single sign-on (SSO) can be configured to work with or without a shared LDAP authentication server. If the LDAP server is configured, SSO can be configured for remote authentication on an account basis. The default user account (guiadmin) cannot be configured to use remote (LDAP) authentication.

If multiple LDAP servers are configured, the first available server in the list is used to perform the authentication. Secondary servers are only used if the first server is unreachable.

If the user account name contains an "@" symbol, LDAP Authentication checks for the suffixed domain name in the list of configured LDAP servers. It then connects to the first available server with a matching domain name to perform the authentication. If this server is not reachable, it proceeds to the next server with a matching domain name.
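The selection order described in the two paragraphs above, modeled as an added example (this is not the product's code). The LdapServer fields, the reachable callback, the case-insensitive domain comparison, and returning None when no configured domain matches are assumptions; the sample hostnames are constructed.

```python
from typing import Callable, NamedTuple, Optional, Sequence


class LdapServer(NamedTuple):
    hostname: str   # constructed sample value
    domain: str     # domain name configured for this server (assumed field)


def select_server(account: str,
                  servers: Sequence[LdapServer],
                  reachable: Callable[[LdapServer], bool]) -> Optional[LdapServer]:
    """Return the server that would handle authentication for `account`.

    `servers` is the configured list in order; `reachable` stands in for the
    product's availability check (hypothetical callback).
    """
    candidates = list(servers)
    if "@" in account:
        # Account carries a domain suffix: only servers with a matching
        # domain are considered. Case-insensitive comparison is an assumption.
        suffix = account.rsplit("@", 1)[1].lower()
        candidates = [s for s in servers if s.domain.lower() == suffix]
    # Failover is driven by reachability alone: the first reachable candidate
    # is the only one asked, so a rejected login there is final.
    for server in candidates:
        if reachable(server):
            return server
    return None  # no candidate reachable, or no domain match (assumed outcome)


# Constructed sample configuration, in list order.
SERVERS = [
    LdapServer("ldap1.corp.example", "corp.example"),
    LdapServer("ldap2.lab.example", "lab.example"),
    LdapServer("ldap3.corp.example", "corp.example"),
]


def demo() -> dict:
    down = {"ldap1.corp.example"}   # simulate the first server being unreachable
    up = lambda s: s.hostname not in down
    return {
        "plain": select_server("alice", SERVERS, up).hostname,
        "corp": select_server("alice@corp.example", SERVERS, up).hostname,
        "lab": select_server("bob@lab.example", SERVERS, lambda s: True).hostname,
        "unknown": select_server("eve@other.example", SERVERS, up),
    }
```

With ldap1 down, an account without a suffix lands on whichever server is next in the list, regardless of domain, so list order decides which directory vouches for unsuffixed accounts during an outage.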

If the system is not using a DNS server or IP address for the LDAP server, the LDAP server must be added to the /etc/hosts file.