User guide
Chapter 5: Using the Web Interface
90
9. Use only trusted LDAP Server Certificates - Select this checkbox if
you would like to use a trusted LDAP server certificate file, that is, a
certificate file signed by the CA. When NOT selected, you can use all
LDAP/LDAPS server certificates, including a self-signed certificate
file.
10. Server Certificate - Consult your authentication server administrator to
get the CA certificate file for the LDAP/LDAPS server. Use the Browse
button to navigate to the certificate file. This field is required when the
"LDAP over SSL" checkbox is selected.
11. Anonymous Bind - If the external OpenLDAP server permits
anonymous queries to the LDAP directory, you may select this
checkbox. When selected, go to Step 15 since it is not necessary to
specify the Bind Distinguished Name (DN) and Bind Password.
12. Use Bind Credentials - To provide authentication information for the
"bind" operation to the Microsoft Active Directory server, select this
checkbox.
13. Bind DN - Specify the DN of the user who is permitted to search the
LDAP directory in the defined search base.
14. Bind Password and Confirm Bind Password - Enter the Bind password
in the Bind Password field first and then the Confirm Bind Password
field. This information is required if the Use Bind Credentials checkbox
is selected.
15. Base DN for Search - Enter the name you want to bind against the
LDAP/LDAPS (up to 31 characters), and where in the database to
begin searching for the specified Base DN. An example Base Search
value might be: cn=Users,dc=raritan,dc=com. Consult your
authentication server administrator for the appropriate values to enter
into these fields.
16. Type the following information in the corresponding fields. LDAP
needs this information to verify user names and passwords.
Login name attribute (also called AuthorizationString)
User entry object class
User search subfilter (also called BaseSearch)
Note: Dominion PX will preoccupy the login name attribute and user
entry object class with default values, which should not be changed
unless required.
17. Active Directory Domain - Type the name of the Active Directory
Domain. For example, testradius.com. Consult with your Active
Directory Administrator for a specific domain name.
18. To verify if the LDAP/LDAPS configuration is done correctly, you may
click Test Connection to check whether Dominion PX can connect to
the LDAP/LDAPS server successfully.