Skip to content

Add an LDAP server

You learn how to add an LDAP server.

  1. Go to Authentication > Servers and click Add.
  2. From the Server type list, select LDAP server.
  3. Enter a name.
  4. Type an IP address and port.
  5. Specify the settings.

    Setting Description
    Version LDAP version.
    Anonymous login Allow anonymous requests to the LDAP server. Turn off and specify a user name and password to bind user with the server.
    Username Username for the server. Must be specified as a distinguished name (DN) in LDAP syntax. For example, uid=root,cn=user.
    Password Password for the server.
    Connection security

    Connection security for the server.

    We recommend using encryption. Choose from the following options:

    • Simple: Send user credentials as unencrypted plain text.
    • SSL/TLS: Use Secure Sockets Layer/Transport Layer Security to encrypt the connection.
    • STARTTLS: Upgrade a non-encrypted connection by wrapping it with SSL/TLS after or during the connection process. Uses the default port.
    Validate server certificate When using a secured connection, validates the certificate on the external server.
    Client certificate

    Client certificate to use for establishing a secure connection.

    To manage client certificates, go to Certificates.

    Base DN

    Base distinguished name (DN) for the server.

    The Base DN is the starting point relative to the root of the directory tree, where users are specified. Must be specified as a distinguished name (DN) in LDAP syntax. For example, O=Example,OU=RnD.

    To retrieve the Base DN from the directory, click Get base DN.

    Authentication attribute Authentication attribute for searching the LDAP directory. The user authentication attribute contains the sign-in name each user is prompted for, for example, by remote access services.
    Display name attribute Name for the server, which is displayed to the user as the server user name.
    Email address attribute Alias for the configured email address, which is displayed to the user.
    Group name attribute Alias for the configured group name, which is displayed to the user.
    Expiry date attribute Expiry date displayed to the user. The attribute specifies how long a user account is valid.
  6. Click Test connection to validate the user credentials and check the connection to the server.

  7. Click Save.

Go to Authentication > Services and select servers to use for service authentication.