
Basic Configuration
5.9.8.LDAP Parameters
The
to LDAP groups, and then specify which circuits the members of each group will be allowed to control at each
In order to apply the LDAP feature, you must first define User Names and associated Passwords and group membership via your LDAP server, and then access the
Notes:
•Circuit access rights are not defined at the LDAP server. They are defined via the LDAP Group configuration menu on each
•When LDAP is enabled and properly configured, LDAP authentication will supersede any passwords and access rights that have been defined via the
•If no LDAP groups are defined on a given
•The "default" LDAP group cannot be deleted.
The LDAP Parameters Menu allows the following parameters to be defined:
•Enable: Enables/disables LDAP authentication. (Default = Off.)
•Primary Host: Defines the IP address or domain name (up to 64 characters) for the primary LDAP server. (Default = undefined.)
•Secondary Host: Defines the IP address or domain name (up to 64 characters) for the secondary (fallback) LDAP server. (Default = undefined.)
•LDAP Port: Defines the port that will be used to communicate with the LDAP server. (Default = 389.)
•TLS/SSL: Enables/Disables TLS/SSL encryption. Note that when TLS/SSL encryption is enabled, the LDAP Port should be set to 636. (Default = Off.)
•Bind Type: Sets the LDAP bind request password type. Note that in the Text Interface, when the Bind Type is set to "Kerberos" LDAP, the menu will include an additional prompt (item 14) that is used to select Kerberos parameters as described in Section 5.9.8.5. In the Web Interface, the button which is used to access the Kerberos Parameters menu is located at the bottom of the LDAP Parameters Menu. (Default = Simple.)
•Search Bind DN: Selects the user name who is allowed to search the LDAP directory. (Default = undefined.)