USER GUIDE
12.2.3 LDAP settings
1. Select the External Authentication tab. The LDAP settings appear, see Figure
78.
Figure 78 LDAP settings
2. Select the Use LDAP authentication server checkbox.
3. Enter the details of the Active Directory:
Base DN - Here you define the base object where the search for users begins. The
search is performed only on this object and the objects below it in the directory
tree. The Base DN string has the standard LDAP syntax: CN=(Common Name…),
OU=(Organizational Unit), DC=(Domain Component). The Base DN should be in the
following format: DC=domain,DC=tld. For example, for the domain KVM.net.org,
the Base DN should be DC=kvm,DC=net,DC=org.
Host - Type the host name or (preferably) the IP address of the Active Directory
DC server.
Port - Type the LDAP port number. If left blank, AccessIT uses the default LDAP
port 389 (which is the default port for most LDAP servers, including Microsoft
Active Directory).
Bind DN - Also known as "User DN" or "Append". The Bind DN is the
distinguished name of an LDAP object, which serves as a gateway to the LDAP
directory. Prior to sending the account/password pair, AccessIT initiates a
conversation handshake with LDAP. This handshake generally requires a
"Bind DN/Bind password" pair, which determines whether the AccessIT client is
permitted to query the LDAP directory server. (For example, if we have user
Minicom in group Users in domain KVM.net.org, the Bind DN should look like this:
CN=minicom,CN=users,DC=kvm,DC=net,DC=org).
Type the Active Directory objects you would like to search and the user account
that will be used to perform this operation.
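The Base DN and Bind DN rules above can be checked before the values are typed into the form. The following is an added example, not part of this guide or of AccessIT: the function names are hypothetical, and it generalizes the guide's example to names that contain characters needing RFC 4514 escaping.

```python
# Added example: DN helpers for the Base DN / Bind DN fields (RFC 4514 string form).

def escape_value(value):
    """Backslash-escape one attribute value for use inside a DN."""
    out = []
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in ',+"\\<>;' or (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)

def base_dn_from_domain(domain):
    """KVM.net.org -> DC=kvm,DC=net,DC=org (the DC=domain,DC=tld format)."""
    labels = [p for p in domain.lower().split(".") if p]
    if len(labels) < 2:
        raise ValueError("expected a dotted domain name such as kvm.net.org")
    return ",".join("DC=" + escape_value(p) for p in labels)

def bind_dn(user, container, domain):
    """Hypothetical helper: CN=<user>,CN=<container>,<Base DN of the domain>."""
    return "CN=%s,CN=%s,%s" % (escape_value(user), escape_value(container),
                               base_dn_from_domain(domain))

def split_dn(dn):
    """Split on unescaped commas; lower-case RDNs for a case-insensitive compare."""
    parts, cur, escaped = [], "", False
    for ch in dn:
        if escaped:
            cur, escaped = cur + ch, False
        elif ch == "\\":
            cur, escaped = cur + ch, True
        elif ch == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += ch
    parts.append(cur)
    return [p.lstrip().lower() for p in parts]

def in_search_scope(entry_dn, base_dn):
    """True if entry_dn is the Base DN object itself or lies below it in the tree."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[len(entry) - len(base):] == base

if __name__ == "__main__":
    base = base_dn_from_domain("KVM.net.org")
    print(base, bind_dn("minicom", "users", "KVM.net.org"))
    print(in_search_scope("CN=minicom,CN=users,DC=kvm,DC=net,DC=org", base))
```

Because the search covers only the Base DN object and what lies below it, `in_search_scope` shows which user entries a narrower Base DN (for example an OU rather than the whole domain) would leave out.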