User Management
664
SonicOS Enhanced 4.0 Administrator Guide
Step 14 The Object class field defines which attribute represents the individual user account to which
the next two fields apply. This will not be modifiable unless you select User defined.
Step 15 The Login name attribute field defines which attribute is used for login authentication. This will
not be modifiable unless you select User defined.
Step 16 If the Qualified login name attribute field is not empty, it specifies an attribute of a user object
that sets an alternative login name for the user in name@domain format. This may be needed
with multiple domains in particular, where the simple login name may not be unique across
domains. This is set to mail for Microsoft Active Directory and RFC2798 inetOrgPerson.
Step 17 The User group membership attribute field contains the information in the user object of
which groups it belongs to. This is memberOf in Microsoft Active Directory. The other pre-
defined schemas store group membership information in the group object rather than the user
object, and therefore do not use this field.
Step 18 The Framed IP address attribute field can be used to retrieve a static IP address that is
assigned to a user in the directory. Currently it is only used for a user connecting using L2TP
with the SonicWALL security appliance L2TP server. In future releases, this may also be
supported for the SonicWALL Global VPN Client (GVC). In Active Director, the static IP address
is configured on the Dial-in tab of a user’s properties.
Step 19 The Object class field defines the type of entries that an LDAP directory may contain. A sample
object class, as used by AD, would be ‘user’ or ‘group’.
Step 20 The Member attribute field defines which attribute is used for login authentication.
Step 21 Select the Directory tab.
Step 22 In the Primary Domain field, specify the user domain used by your LDAP implementation. For
AD, this will be the Active Directory domain name, such as yourADdomain.com. Changes to
this field will, optionally, automatically update the tree information in the rest of the page. This
is set to mydomain.com by default for all schemas except Novell eDirectory, for which it is set
to o=mydomain.