Configuring LDAP Settings on the Wizard

Configure LDAP settings for user-group definition, administrator privileges, or end-user quarantine authentication. You can enable up to two LDAP servers for each IMSA device.

To configure LDAP settings:

  1. Next to LDAP server type, choose the type of LDAP servers on your network:

  2. Next to Enable LDAP1, select the check box.

  3. Next to LDAP server, type the server name or IP address.

  4. Next to Listening port number, type the port number that the LDAP server uses to listen to access requests.

  5. Configure the settings under LDAP2 if necessary.

  6. Under LDAP cache expiration for policy servers and EUQ servers, type the Time to Live in minutes.

    Time To Live: The length of time that IMSA retains LDAP query results in the cache. A longer duration improves LDAP query performance during policy execution, but the policy server will be less responsive to changes on the LDAP server. A shorter duration means that IMSA has to query the LDAP server more often, which lowers performance.

  7. Under LDAP admin, type the administrator account, and the corresponding password.

  8. Type the base distinguished name.

  9. Select an authentication method:

  10. Click Next >.
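The Time To Live trade-off from step 6, shown as an added example that is not IMSA code: a small Python simulation with a constructed directory and hypothetical names (FakeDirectory, TTLCache, simulate). It counts how many queries reach the LDAP server and how long a removed group membership keeps being served from the cache for a given TTL.

```python
# Added illustration; FakeDirectory, TTLCache and simulate() are hypothetical names.

class FakeDirectory:
    """Stands in for the LDAP server and counts the queries that reach it."""
    def __init__(self, groups):
        self.groups = groups      # user -> set of group names (constructed data)
        self.queries = 0

    def lookup(self, user):
        self.queries += 1
        return frozenset(self.groups.get(user, ()))


class TTLCache:
    """Caches lookup results for ttl_minutes, like the Time To Live setting."""
    def __init__(self, directory, ttl_minutes):
        self.directory = directory
        self.ttl = ttl_minutes
        self.entries = {}         # user -> (expires_at, groups)

    def groups_for(self, user, now):
        hit = self.entries.get(user)
        if hit and now < hit[0]:
            return hit[1]         # served from cache, possibly stale
        groups = self.directory.lookup(user)
        self.entries[user] = (now + self.ttl, groups)
        return groups


def simulate(ttl_minutes, removed_at=10, horizon=240, step=5):
    """Check policy every `step` minutes; return (LDAP queries, stale minutes)."""
    directory = FakeDirectory({"user1": {"finance"}})
    cache = TTLCache(directory, ttl_minutes)
    stale_minutes = 0
    for now in range(0, horizon, step):
        if now == removed_at:
            directory.groups["user1"] = set()   # user1 leaves 'finance'
        if "finance" in cache.groups_for("user1", now) and now >= removed_at:
            stale_minutes += step               # cache still reports old membership
    return directory.queries, stale_minutes


if __name__ == "__main__":
    for ttl in (5, 60, 180):
        queries, stale = simulate(ttl)
        print(f"TTL {ttl:>3} min: {queries:>2} LDAP queries, stale for {stale} min")
```

The stale window is the period in which a policy that depends on group membership still applies to a user who has already been removed from that group on the LDAP server.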

 

| LDAP Server | LDAP Admin Account (examples) | Base Distinguished Name (examples) | Authentication Method |
|---|---|---|---|
| Active Directory | Without Kerberos: user1@domain.com (UPN) or domain\user1; With Kerberos: user1@domain.com | dc=domain, dc=com | Simple; Advanced (with Kerberos) |
| Domino | user1/domain | Not applicable | Simple |
| Sun iPlanet Directory | uid=user1, ou=people, dc=domain, dc=com | dc=domain, dc=com | Simple |

 
