Chapter 7: User Management

Implementing LDAP/LDAPS Remote Authentication

Lightweight Directory Access Protocol (LDAP/LDAPS) is a networking protocol for querying and modifying directory services running over TCP/IP. A client starts an LDAP session by connecting to an LDAP/LDAPS server (the default TCP port is 389). The client then sends operation requests to the server, and the server sends responses in turn.

Reminder: Microsoft Active Directory functions natively as an LDAP/LDAPS authentication server.

To use the LDAP authentication protocol:

1. Click User Management > Authentication Settings to open the Authentication Settings page.
2. Select the LDAP radio button to enable the LDAP section of the page.
3. Click the icon to expand the LDAP section of the page.

Server Configuration

4. In the Primary LDAP Server field, type the IP address or DNS name of your LDAP/LDAPS remote authentication server (up to 256 characters). When both the Enable Secure LDAP option and the Enable LDAPS Server Certificate Validation option are selected, the DNS name must be used so that it matches the CN of the LDAP server certificate.
5. In the Secondary LDAP Server field, type the IP address or DNS name of your backup LDAP/LDAPS server (up to 256 characters). When the Enable Secure LDAP option is selected, the DNS name must be used. Note that the remaining fields share the same settings with the Primary LDAP Server field. Optional.
6. Type of External LDAP Server.
7. Type the name of the Active Directory Domain. For example, testradius.com. Consult your Active Directory administrator for a specific domain name.
8. In the User Search DN field, enter the Distinguished Name of the location in the LDAP database where you want to begin searching for user information. Up to 64 characters can be used. An example base search value might be: cn=Users,dc=raritan,dc=com. Consult your authentication server administrator for the appropriate values to enter into these fields.
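A pre-flight check of the values entered in steps 4, 5 and 8, added here as an illustration and not taken from the product or its documentation. The function and parameter names are hypothetical, the host names and addresses are constructed, and the exact, case-insensitive comparison against the certificate CN is an assumption, since the page does not describe the device's matching rules.

```python
import ipaddress
import re

MAX_SERVER_LEN = 256    # limit the page gives for both server fields
MAX_SEARCH_DN_LEN = 64  # limit the page gives for User Search DN
# One RDN such as "cn=Users"; a backslash-escaped character stays in the value.
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=(?:[^,\\]|\\.)+$")


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def split_dn(dn):
    """Split a DN on commas that are not preceded by a backslash."""
    return [part.strip() for part in re.split(r"(?<!\\),", dn)]


def check_settings(primary, secondary, search_dn, secure, validate_cert, cert_cn=None):
    """Return a list of problems; an empty list means the values pass."""
    problems = []
    for label, host in (("primary", primary), ("secondary", secondary)):
        if host is None:
            continue  # the secondary server is optional
        if not host or len(host) > MAX_SERVER_LEN:
            problems.append(f"{label}: must be 1-{MAX_SERVER_LEN} characters")
        elif secure and is_ip(host) and (validate_cert or label == "secondary"):
            problems.append(f"{label}: use the DNS name, not an IP address")
    if secure and validate_cert and primary and not is_ip(primary):
        # Assumption: exact, case-insensitive comparison against the CN.
        if cert_cn is None or primary.lower() != cert_cn.lower():
            problems.append("primary: DNS name does not match certificate CN")
    if len(search_dn) > MAX_SEARCH_DN_LEN:
        problems.append(f"search DN: longer than {MAX_SEARCH_DN_LEN} characters")
    if not all(RDN.match(rdn) for rdn in split_dn(search_dn)):
        problems.append("search DN: not a list of attr=value components")
    return problems


if __name__ == "__main__":
    # Constructed values: an IP address entered while certificate validation is on.
    print(check_settings("192.0.2.10", "ldap2.example.com",
                         "cn=Users,dc=raritan,dc=com", True, True))
```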