Configure LDAP Server

Configure LDAP Server allows you to configure an LDAP server to authenticate users for SFM sign-in.

To sign in, users need to use their Windows authentication tokens. SFM sends an authentication request to the LDAP server, which authenticates the user based on the token.

  1. Go to System & Monitor > System Settings > System > Authentication Server and select Add.
  2. Select Server Type as LDAP Server.
  3. Enter LDAP details.
    Server Name
    Name to identify the server.
    Authentication Server IP
    Specify the LDAP server IP address.
    Port
    Specify the port number through which the server communicates.
    Default port is 389.
    Version
    Select the LDAP version. For example, 2. Default value is Version 3.
    Base DN

    Specify the base distinguished name (Base DN) of the directory service, which is the starting point for searching for users in the directory service. If you do not know the Base DN, click Get Base DN to retrieve it.

    The top level of the LDAP directory tree is the base, referred to as the "Base DN". A Base DN usually takes one of three forms: organization name, company's Internet domain name, or DNS domain name. For example, dc=google, dc=com.

    Administrator
    Specify the username of the user with administrative privileges on the LDAP server.
    Password
    Specify the password of the user with administrative privileges on the LDAP server.
    Authentication Attribute
    Set the authentication attribute. This is the attribute used to perform the user search.
    By default, LDAP uses the uid attribute to identify user entries. To use a different attribute (such as given name), specify the attribute name in this field.
    Figure: Add LDAP Server
  4. Click Test Connection to check the connectivity between the LDAP server and the device.
  5. Click Save.
    Note: SFM does not fetch users directly from the LDAP server. The SFM admin must create each user with Authentication Type - External from System & Monitor > System Settings > Administration > User.
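
The following is an added example, not part of the product documentation or the product's own code: a Python helper that turns the form values above into an OpenLDAP `ldapsearch` command, so the Base DN and Authentication Attribute can be checked from a workstation before they are saved. The IP address, domain, user name and administrator bind DN are constructed sample values, and the example assumes the administrator account is supplied as a bind DN.

```python
import shlex

def domain_to_base_dn(domain):
    """DNS domain -> Base DN in dc= form, e.g. example.com -> dc=example,dc=com."""
    labels = [p for p in domain.strip(".").split(".") if p]
    if not labels:
        raise ValueError("empty domain")
    return ",".join("dc=" + p for p in labels)

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so a user name cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def user_filter(auth_attribute, username):
    """Search filter for one user, keyed on the Authentication Attribute field."""
    if not auth_attribute.replace("-", "").isalnum():
        raise ValueError("attribute name must be letters, digits or hyphens")
    return "(%s=%s)" % (auth_attribute, escape_filter_value(username))

def ldapsearch_command(server_ip, port, version, base_dn, admin_dn,
                       auth_attribute, username):
    """Argument list for ldapsearch that mirrors the Add LDAP Server fields."""
    return [
        "ldapsearch", "-x",                      # simple bind
        # ldap:// on port 389 is plain LDAP: the bind password is sent unencrypted
        "-H", "ldap://%s:%d" % (server_ip, port),
        "-P", str(version),                      # Version field (2 or 3)
        "-D", admin_dn, "-W",                    # Administrator; -W prompts for Password
        "-b", base_dn, "-s", "sub",              # Base DN, subtree search
        user_filter(auth_attribute, username),
        "1.1",                                   # return entry DNs only, no attributes
    ]

if __name__ == "__main__":
    # Constructed sample values (assumptions, not taken from the page)
    cmd = ldapsearch_command("192.0.2.10", 389, 3, domain_to_base_dn("example.com"),
                             "cn=admin,dc=example,dc=com", "uid", "alice")
    print(shlex.join(cmd))
```

A single returned DN means the Base DN and attribute locate the user; no entries usually points to a wrong Base DN or attribute name.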