Field | Description |
Port | Enter the port number on which the LDAP server is listening. The default LDAP port is |
| 389. |
Base DN | Enter the base distinguished name for this connection. The base distinguished name |
| defines the top of the directory tree. To obtain a list of base distinguished names for |
| a particular directory, make sure the host name and port fields have been filled in |
| correctly and then click the Fetch button. If the directory server has been set up to |
| require authentication for this operation, the Bind DN and Password fields will have |
| to be filled in correctly as well. The LDAP Browser will attempt to connect to the |
| specified LDAP server, obtain the list of supported base distinguished names, and |
| populate the Base DN option menu with those names. |
Secure connection | Choose whether to communicate with the LDAP server using the Secure Sockets Layer |
| (SSL). Such communication is possible only if the LDAP server has been configured |
| to accept SSL connections and if the certificate presented by the server during SSL |
| communication is signed by a trusted certificate authority. See Section : Connecting |
| to an LDAP Server using SSL for more information on how to create a trusted certificate |
| store. |
Bind DN | Enter the distinguished name to use for authentication when binding to the LDAP |
| server. To bind to a directory anonymously, leave this field blank. Many directories |
| allow anonymous clients to perform |
| require authentication information for clients that attempt to write to the directory. |
Password | Enter the password that corresponds to the Bind DN that was entered. Leave this field |
| blank if anonymous binding is desired. |
Bind information prompting | When BIND information is entered for a connection entry, this information is stored |
| in the LDAP Browser configuration file in the user's home directory. If the security of |
| the user's home directory is compromised, that bind information could potentially be |
| obtained from the configuration file by an intruder. If this is a concern or if you will |
| not always be binding to the directory as the same user, leave the Bind DN and |
| Password fields blank and click in the checkbox to cause the LDAP browser to prompt |
| for BIND information each time the connection is established. |
Referral strategy | Indicate if you want to automatically follow referrals to entries residing on other LDAP |
| servers. Check either Follow or Don't Follow. |
Alias dereferencing | Pick a strategy for dereferencing LDAP aliases. Check one of the following: Never, |
| Finding, Searching or Always. |
Search limit | You can limit the number of entries that will be returned by any LDAP search operation. |
| Check either None for no search limit, or give a specific limit by checking Limit to |
| radio button and then entering a value in the results field. This limit can be useful |
| when dealing with very large directories, because searches that return large numbers |
| of entries can take considerable time to complete and the search results can consume |
| a large amount of memory. |
Operation time limit | Enter a time limit (in milliseconds) for any LDAP operation to complete. Check the |
| None radio button to specify no time limit. To specify a time limit, check the Limit to |
| radio button, and then enter a value in milliseconds in the ms field. This option is |
| useful when dealing with slow or unreliable connections. |
|
|
Connecting to an LDAP Server using SSL
The Connection Information form for adding or modifying connections provides an option to use the Secure Sockets Layer (SSL) when communicating with an LDAP server. SSL allows for verification of an LDAP server's identity as well as for encryption of the data that passes between the browser
198 LDAP Directory Server Administration