The following general parameters are used for configuration of each server:
•
Name
The name given to the server object for reference purposes in NetDefendOS. For example,
NetDefendOS authentication rules may be defined which reference this name.
This value has nothing to do with the Name Attribute described below. It is only for use by
NetDefendOS and not the LDAP server.
•
IP Address
The IP address of the LDAP server.
•
Port
The port number on the LDAP server which will receive the client request which is sent using
TCP/IP.
This port is by default 389.
•
Timeout
This is the timeout length for LDAP server user authentication attempts in seconds. If no
response to a request is received from the server after this time then the server will be considered
to be unreachable.
The default timeout setting is 5 seconds.
•
Name Attribute
The Name Attribute is the ID of the data field on the LDAP server that contains the username.
The NetDefendOS default value for this is uid which is correct for most UNIX based servers.
If using Microsoft Active Directory this should be set to SAMAccountName (which is NOT case
sensitive). When looking at the details of a user in Active Directory, the value for the user logon
name is defined in the SAMAccountName field under the Account tab.
Note: The LDAP server database determines the correct value
This is an attribute tuple and the LDAP server's database schema definitions
determines the correct ID to use.
•
Retrieve Group Membership
This option specifies if the groups that a user belongs to should be retrieved from the LDAP
server. The group name is often used when granting user access to a service after a successful
logon.
If the Retrieve Group Membership option is enabled then the Membership Attribute option,
described next can also be set.
•
Membership Attribute
The Membership Attribute defines which groups a user is a member of. This is similar to the
way a user belongs to either the admin or audit database group in NetDefendOS. This is another
tuple defined by the server's database schema and the default ID is MemberOf.
In Microsoft Active Directory, the groups a user belongs to can be found by looking at a users
details under the MemberOf tab.
•
Use Domain Name
Some servers require the domain name in combination with a username for performing
8.2.4. External LDAP Servers
Chapter 8. User Authentication
367
Summary of Contents for NetDefend DFL-260E
Page 27: ...1 3 NetDefendOS State Engine Packet Flow Chapter 1 NetDefendOS Overview 27...
Page 79: ...2 7 3 Restore to Factory Defaults Chapter 2 Management and Maintenance 79...
Page 146: ...3 9 DNS Chapter 3 Fundamentals 146...
Page 227: ...4 7 5 Advanced Settings for Transparent Mode Chapter 4 Routing 227...
Page 241: ...5 4 IP Pools Chapter 5 DHCP Services 241...
Page 339: ...6 7 Blacklisting Hosts and Networks Chapter 6 Security Mechanisms 339...
Page 360: ...7 4 7 SAT and FwdFast Rules Chapter 7 Address Translation 360...
Page 382: ...8 3 Customizing HTML Pages Chapter 8 User Authentication 382...
Page 386: ...The TLS ALG 9 1 5 The TLS Alternative for VPN Chapter 9 VPN 386...
Page 439: ...Figure 9 3 PPTP Client Usage 9 5 4 PPTP L2TP Clients Chapter 9 VPN 439...
Page 450: ...9 7 6 Specific Symptoms Chapter 9 VPN 450...
Page 488: ...10 4 6 Setting Up SLB_SAT Rules Chapter 10 Traffic Management 488...
Page 503: ...11 6 HA Advanced Settings Chapter 11 High Availability 503...
Page 510: ...12 3 5 Limitations Chapter 12 ZoneDefense 510...
Page 533: ...13 9 Miscellaneous Settings Chapter 13 Advanced Settings 533...