D-Link DFL-260 Product Manual - Page 362
Important: The Base Object must be specified correctly, Database Settings
UPC - 790069296802
View all D-Link DFL-260 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 362 highlights
8.2.4. External LDAP Servers Chapter 8. User Authentication successful authentication. The domain name is the host name of the LDAP server, for example myldapserver. The choices for this parameter are: i. None - This will not modify the username in any way. For example, testuser. ii. Username Prefix - When authenticating, this will put \ in front of the username. For example, myldapserver/testuser. iii. Username Postfix - When authenticating, this will add @ after the username. For example, testuser@myldapserver. If the choice is other than None, the Domain Name parameter option described below should be specified. Different LDAP servers could handle the domain name differently and you should check your servers requirements. Most versions of Windows Active Directory require the Postfix option to be used. • Routing Table The NetDefendOS routing table where route lookup will be done to resolve the server's IP address into a route. The default is the main routing table. Database Settings The Database Settings are as follows: • Base Object Defines where in the LDAP server tree search for user accounts shall begin. The users defined on an LDAP server database are organized into a tree structure. The Base Object specifies where in this tree the relevant users are located. Specifying the Base Object has the effect of speeding up the search of the LDAP tree since only users under the Base Object will be examined. Important: The Base Object must be specified correctly If the Base Object is specified incorrectly then this can mean that a user will not be found and authenticated if they are not in the part of the tree below the Base Object. The recommended option is therefore to initially specify the Base Object as the route of the tree. The Base Object is specified as a common separated domainComponent (DC) set. If the full domain name is myldapserver.local.eu.com and this is the Base Object then this is specified as: DC=myldapserver,DC=local,DC=eu,DC=com The username search will now begin at the root of the myldapserver tree. • Administrator Account The LDAP server will require that the user establishing a connection to do a search has administrator privileges. The Administration Account specifies the administrator username. This username may be requested by the server in a special format in the same way as described previously with Use Domain Name. • Password/Confirm Password The password for the administrator account which was specified above. 362