Chapter 5: User Management

Implementing LDAP/LDAPS Remote Authentication

Lightweight Directory Access Protocol (LDAP/LDAPS) is a networking protocol for querying and modifying directory services running over TCP/IP. A client starts an LDAP session by connecting to an LDAP/LDAPS server (the default TCP port is 389). The client then sends operation requests to the server, and the server sends responses in turn.

Reminder: Microsoft Active Directory functions natively as an LDAP/LDAPS authentication server.

To use the LDAP authentication protocol:

1. Click User Management > Authentication Settings to open the Authentication Settings page.
2. Select the LDAP radio button to enable the LDAP section of the page.
3. Click the icon to expand the LDAP section of the page.

Server Configuration

4. In the Primary LDAP Server field, type the IP address or DNS name of your LDAP/LDAPS remote authentication server (up to 256 characters). When the Enable Secure LDAP option is selected and the Enable LDAPS Server Certificate Validation option is selected, the DNS name must be used to match the CN of the LDAP server certificate.
5. In the Secondary LDAP Server field, type the IP address or DNS name of your backup LDAP/LDAPS server (up to 256 characters). When the Enable Secure LDAP option is selected, the DNS name must be used. Note that the remaining fields share the same settings with the Primary LDAP Server field. Optional.
6. Type of External LDAP Server.
7. Select the external LDAP/LDAPS server. Choose from among the options available:
   - Generic LDAP Server.
   - Microsoft Active Directory. Active Directory is an implementation of LDAP/LDAPS directory services by Microsoft for use in Windows environments.
8. Type the name of the Active Directory Domain if you selected Microsoft Active Directory. For example, acme.com. Consult your Active Directory Administrator for a specific domain name.
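
The rules in steps 4 and 5 for the two server fields can be checked before the values are entered. The following is an added example, not code from this guide or the product: the function and parameter names are hypothetical, the certificate is a constructed sample in the dict shape returned by Python's ssl.SSLSocket.getpeercert(), and the exact, case-insensitive CN comparison is an assumption.

```python
import ipaddress

MAX_LEN = 256  # field limit from steps 4 and 5

def is_ip(value):
    """True when the field holds an IPv4/IPv6 literal rather than a DNS name."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def common_names(cert):
    """CN values from a dict shaped like ssl.SSLSocket.getpeercert()."""
    return [v.lower() for rdn in cert.get("subject", ()) for k, v in rdn
            if k == "commonName"]

def check_server_field(value, role, secure_ldap, validate_cert, cert=None):
    """Return the list of problems for one server field (empty list = OK).

    role is "primary" or "secondary" (hypothetical parameter names).
    """
    problems = []
    if not value or len(value) > MAX_LEN:
        problems.append("value must be 1-256 characters")
    # Step 4: primary needs a DNS name when both options are selected.
    # Step 5: secondary needs a DNS name whenever Secure LDAP is selected.
    needs_dns = secure_ldap and (validate_cert or role == "secondary")
    if needs_dns and is_ip(value):
        problems.append("IP address given where a DNS name is required")
    # Assumption: exact, case-insensitive CN comparison; the page states the
    # CN rule for the primary server only, applied here to both fields.
    if secure_ldap and validate_cert and cert is not None:
        if value.lower() not in common_names(cert):
            problems.append("value does not match the certificate CN")
    return problems

# Constructed sample certificate subject, not taken from a real server.
SAMPLE_CERT = {"subject": ((("organizationName", "Acme"),),
                           (("commonName", "ldap1.acme.com"),))}

if __name__ == "__main__":
    for value, role in [("ldap1.acme.com", "primary"), ("192.0.2.10", "primary"),
                        ("ldap2.acme.com", "secondary")]:
        print(role, value, check_server_field(value, role, True, True, SAMPLE_CERT))
```

An IP address in the primary field is accepted by this check only while certificate validation is off; turning validation on later makes the same value fail both the DNS-name rule and the CN comparison.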