Netgear STM300 STM 150-300-600 Reference Manual (PDF) - Page 163

ProSecure Web/Email Security Threat Management (STM) Appliance Table 47. LDAP Settings (Continued) Setting Description Group Members This field is optional. The attribute that is used to identify the members of a group. Attribute For an Active Directory, enter member. For OpenLDAP, you can enter a customized attribute to identify the members of a group. Additional Filter This field is optional. A filter that is used when searching the LDAP server for matching entries while excluding others. (Use the format described by RFC 2254.) The following search term examples match users only: Active Directory: objectClass=user Open LDAP: objectClass=posixAccount 3. Click Test to verify that the LDAP server can actually function with the LDAP settings that you have specified. The automated test procedure checks the connection to the LDAP server; the bind DN, and the bind password. If any settings require changes, you are notified at the end of the automated test procedure. Note: If the automated test procedure returns the message "LDAP server test passed but size limit exceeded," only a limited number of entries (for example, 1000) was returned after the LDAP server was queried. To ensure that the lookup results include all users and groups, set larger values in the LDAP server. Another workaround is to use a specific search name or a name with a wildcard in the lookup process, so that the subset of the entire list is returned in the lookup result. 4. Click Add to save your settings. The LDAP or Active Directory domain and server are added to the List of LDAP table. To delete a domain and server from the List of LDAP table, click the Delete table button in the Action column for the domain and server that you want to delete. WARNING! After their sessions have expired, users can no longer log in to the STM if the domain that has been assigned to them is the domain that you deleted. Chapter 5. Managing Users, Groups, and Authentication | 163