Quick Reference Guide

Chapter 5. Managing Users, Groups, and Authentication
ProSecure Web/Email Security Threat Management (STM) Appliance
2. Complete the fields and make your selections from the drop-down list as explained in the
following table:
Table 47. LDAP Settings

Setting: Description

Domain: A descriptive (alphanumeric) name of the LDAP or Active Directory authentication server for identification and management purposes.

Server: The server IP address or server host name of the LDAP or Active Directory authentication server.

Encryption: From the drop-down list, select the encryption type for the connection between the STM and the LDAP or Active Directory server:
- None. The connection is not encrypted. This is the default setting.
- TLS. The connection uses Transport Layer Security (TLS) encryption.
- SSL. The connection uses Secure Sockets Layer (SSL) encryption.

Port: The port number for the LDAP or Active Directory authentication server. The default port for the LDAP server is 389, which is generally the default port for TLS encryption or no encryption. When the encryption is SSL, the default port is generally 636.

Bind DN: The LDAP or Active Directory bind distinguished name (DN) that is required to access the LDAP or Active Directory authentication server. This bind DN needs to be a user in the LDAP or Active Directory directory that has read access to all the users that you would like to import into the STM. The Bind DN field accepts two formats:
- A display name in the DN format. For example: cn=Jamie Hanson,cn=users,dc=test,dc=com.
- A Windows login account name in email format. For example: jhanson@testAD.com. This last type of bind DN can be used only for a Windows Active Directory server.

Bind Password: The authentication secret or password that is required to access the LDAP or Active Directory authentication server.

Search Base: The distinguished name (DN) at which to start the search, specified as a sequence of relative distinguished names (RDNs), connected with commas and without any blank spaces. For most users, the search base is a variation of the domain name. For example, if your domain is yourcompany.com, your search base DN might be as follows: dc=yourcompany,dc=com.

UID Attribute: The attribute in the LDAP directory that contains the user's identifier (uid).
- For an Active Directory, enter sAMAccountName.
- For an OpenLDAP directory, enter uid.

Member Groups Attribute: This field is optional. The attribute that is used to identify the groups an entry belongs to.
- For an Active Directory, enter memberOf.
- For OpenLDAP, you can enter a customized attribute to identify the groups of an entry.
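
The rules in Table 47 can be checked before the values are typed into the STM. The following Python sketch is an added example, not NETGEAR code: the function names, the dictionary layout, and the "ad"/"openldap" selector are assumptions, and the DN check is simplified (no escaped commas).

```python
import re

# Defaults stated in Table 47: 389 for None or TLS, 636 for SSL.
DEFAULT_PORTS = {"None": 389, "TLS": 389, "SSL": 636}
UID_ATTRS = {"ad": "sAMAccountName", "openldap": "uid"}
# Simplified RDN check: attr=value, no escaped commas (assumption of this sketch).
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=]+$")
# Windows login account name in email format, e.g. jhanson@testAD.com.
UPN = re.compile(r"^[^@\s,=]+@[^@\s,=]+\.[^@\s,=]+$")

def is_dn(value):
    """True if value is a comma-separated sequence of attr=value RDNs."""
    return bool(value) and all(RDN.match(part) for part in value.split(","))

def check_ldap_settings(settings, directory):
    """Return findings for a dict keyed by the Table 47 setting names.
    directory is "ad" or "openldap": a hypothetical selector, not an STM field."""
    findings = []
    enc, port = settings["Encryption"], settings["Port"]
    if enc not in DEFAULT_PORTS:
        findings.append(f"Encryption {enc!r} is not None, TLS or SSL")
    else:
        if enc == "None":
            findings.append("Encryption is None: the bind password is sent unencrypted")
        if port != DEFAULT_PORTS[enc]:
            findings.append(f"Port {port} differs from the usual {DEFAULT_PORTS[enc]} for {enc}")
    bind = settings["Bind DN"]
    if UPN.match(bind):
        if directory != "ad":
            findings.append("Email-format bind DN works only with Active Directory")
    elif not is_dn(bind):
        findings.append("Bind DN is neither a DN nor an email-format login name")
    base = settings["Search Base"]
    if " " in base:
        findings.append("Search Base contains blank spaces")
    elif not is_dn(base):
        findings.append("Search Base is not a sequence of RDNs")
    if settings["UID Attribute"] != UID_ATTRS[directory]:
        findings.append(f"UID Attribute should be {UID_ATTRS[directory]} for {directory}")
    return findings

if __name__ == "__main__":
    # Constructed sample: default (unencrypted) settings with a stray space in the base.
    sample = {"Encryption": "None", "Port": 389, "Bind DN": "jhanson@testAD.com",
              "Search Base": "dc=yourcompany, dc=com", "UID Attribute": "sAMAccountName"}
    for finding in check_ldap_settings(sample, "ad"):
        print(finding)
```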