To open this window, select LDAP in the Select Authentication Server window.
The following table describes the fields and settings used to edit the server information.
Item |
Description |
---|---|
Certificate File Name |
Specify a certificate file. Click Browse to find the file. The specified certificate is also used for the secondary server. |
DNS Lookup |
Specify whether to search for the LDAP server using the information registered in the SRV records in the DNS server.
|
Authentication Protocol |
Specify an LDAP protocol to use. Available protocols are as follows.
If you select Enable in DNS Lookup, you cannot select LDAP over SSL/TLS. |
External User Group Mapping |
Specify whether to connect an authentication server to an authorization server.
|
External User Group Mapping - Host Name |
Specify a host name of the LDAP server. ASCII code characters, hyphens (-), and periods (.) can be specified. If you select Enable in DNS Lookup, this item is disabled. |
External User Group Mapping - Port Number |
Specify a port number of the LDAP server. If you select Enable in DNS Lookup, this item is disabled. |
External User Group Mapping - Domain Name |
Specify a domain name that the LDAP server manages. You can specify ASCII code characters, hyphens (-), and periods (.). |
External User Group Mapping - User Name Attribute |
Specify an attribute name to identify a user, such as a user ID. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~
|
External User Group Mapping - Timeout |
Specify the number of seconds before connection to the LDAP server times out. |
External User Group Mapping - Retry Interval |
Specify a retry interval in seconds when the connection to the LDAP server fails. |
External User Group Mapping - Number of Retries |
Specify the number of times to retry when the connection to the LDAP server fails. |
External User Group Mapping - Base DN |
Search for users to authenticate by specifying a base DN. Available characters: Alphanumeric characters (ASCII characters) and all symbols.
To use symbols such as + ; , < = and > in the basedn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+. To use a backslash (\), forward slash (/), or quotation mark (") in the basedn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
|
External User Group Mapping - Search User's DN |
Search for a user by specifying a DN. Available characters: Alphanumeric characters (ASCII characters) and all symbols. If you specify sAMAccountName in External User Group Mapping - User Name Attribute, or if you select Enable in External User Group Mapping, this item must be specified.
To use symbols such as + ; , < = and > in the searchdn field, type a backslash (\) before each symbol. When using multiple symbols, each symbol must have a backslash (\) before it. For example, to enter abc++, type abc\+\+. To use a backslash (\), forward slash (/), or quotation mark (") in the searchdn field, type a backslash (\) followed by the ASCII code in hex for the symbol:
|
External User Group Mapping - Password |
Search for a user by specifying the user's password. Specify the same password that is registered in the LDAP server. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + - . = @ \ ^ _ | If you specify sAMAccountName in External User Group Mapping - User Name Attribute, or if you select Enable in External User Group Mapping, this item must be specified. |
External User Group Mapping - Re-enter Password |
Re-enter the password of the user group you are searching for to confirm your entry. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + - . = @ \ ^ _ | If you enter any password in External User Group Mapping - Password, you must specify this item. |
Secondary Server |
Specify whether to use a secondary LDAP server.
If you select Enable in DNS Lookup, this item is disabled. |
Secondary Server - Host Name |
Specify a host name of the secondary LDAP server. You can specify ASCII code characters, hyphens (-), and periods (.). If you select Disable in Secondary Server, this item is disabled. |
Secondary Server - Port Number |
Specify a port number of the secondary LDAP server. If you select Disable in Secondary Server, this item is disabled. |
Test User Name |
Specify a user name for a server connection test. You can specify ASCII code characters and the following symbols: ! # $ % & ' * + - . / = ? @ ^ _ ` { | } ~ |
Password |
Specify a password of the user name for a server connection test. You can specify ASCII code characters and the following symbols: ! # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ |
Server Configuration Test |
Click Check to conduct a server connection test for the authentication server and the authorization server based on the specified settings. |
Server Configuration Test - Result |
Displays a result of the server connection test for the authentication server and the authorization server. |
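
The escaping rule given for the Base DN and Search User's DN fields can be applied mechanically before a value is typed in, which avoids an unescaped comma or equals sign silently changing which directory entry the DN names. The following is an added example, not vendor code: the function names and the sample OU are constructed for illustration, and the use of uppercase hex digits is an assumption.

```python
# Added example (not vendor code): escape values for the basedn / searchdn fields.
PREFIXED = set("+;,<=>")   # page: type a backslash before each of these symbols
HEXED = set('\\/"')        # page: type a backslash plus the ASCII code in hex


def escape_value(value):
    """Escape one raw attribute value using the rule from the table above."""
    if not value.isascii():
        raise ValueError("the field accepts ASCII characters only")
    out = []
    for ch in value:
        if ch in HEXED:
            out.append("\\%02X" % ord(ch))   # uppercase hex digits are an assumption
        elif ch in PREFIXED:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def unescape_value(text):
    """Reverse escape_value, to check what a typed value will actually mean."""
    out, i = [], 0
    while i < len(text):
        if text[i] != "\\":
            out.append(text[i])
            i += 1
            continue
        pair = text[i + 1:i + 3]
        if len(pair) == 2 and all(c in "0123456789abcdefABCDEF" for c in pair):
            out.append(chr(int(pair, 16)))   # backslash followed by two hex digits
            i += 3
        elif i + 1 < len(text):
            out.append(text[i + 1])          # backslash followed by a symbol
            i += 2
        else:
            raise ValueError("dangling backslash at end of value")
    return "".join(out)


def build_dn(rdns):
    """Join (attribute, raw value) pairs into a DN; only the values are escaped."""
    return ",".join("%s=%s" % (attr, escape_value(val)) for attr, val in rdns)


if __name__ == "__main__":
    # Constructed sample: an OU whose name contains a comma and a forward slash.
    print(build_dn([("OU", "Ops,EU/US"), ("DC", "example"), ("DC", "com")]))
```

Escaping is applied per attribute value, never to the whole DN, because the commas and equals signs that separate the DN's components must stay unescaped.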