Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsW-ClearPass Virtual Appliances
211212213214215216217218219220
212 | Authentication Methods and Sources Dell Networking W-ClearPass Policy Manager 6.6 | User Guide
Parameter Action/Description
NOTE: This setting is available only for Active Directory.
Base DN Enter the DN (Distinguished Name) of the node in your directory tree from which to
start searching for records.
1. After entering the values for the fields described above, click Search Base DN to
browse the directory hierarchy.
The LDAP browser opens. You can navigate to the DN that you want to use as the
base DN.
2. Click on any node in the tree structure that is displayed to select it as a base DN.
Note that the base DN is displayed at the top of the LDAP browser.
NOTE: This is also a method to test the connectivity to your LDAP or AD directory. If
the values entered for the primary server attributes are correct, you can browse the
directory hierarchy by clicking Search Base Dn.
Search Scope Select the scope of the search you want to perform, starting at the base DN.
l Base Object Search allows you to search at the level specified by the base DN.
l One Level Search allows you to search up to one level lesser to the immediate
children of the base DN.
l Subtree Search allows you to search the entire subtree under the base DN
(including at the base DN level).
LDAP Referral Enable this check box to automatically follow referrals returned by your directory
server in search results. Refer to your directory documentation for more information
on referrals.
Bind User Enable this check box to authenticate users by performing a bind operation on the
directory using the credentials (user name and password) obtained during
authentication.
For clients to be authenticated by using the LDAP bind method, Policy Manager must
receive the password in clear text.
Password Attribute Enter the name of the attribute in the user record from which user password can be
retrieved.
NOTE: This is available only for Generic LDAP and is not available for Active
Directory.
Password Type Specify whether the password type is Cleartext, NT Hash, or LMHash.
NOTE: This is available only for Generic LDAP.
Table 98: Active Directory or Generic LDAP > Primary Parameters (Continued)