5.
LDAP
LDAP is a vendor-independent protocol standard used for accessing, querying
and updating a directory using TCP/IP. Based on the X.500 Directory Services
model, LDAP is a global directory structure that supports strong security features
including authentication, privacy and integrity.
If individual user accounts are stored on an LDAP-enabled directory service such
as Active Directory, you can use the directory service to authenticate users. The
default values given for the LDAP search and query parameters are defined for
use with Active Directory.
The settings made in the OBWI let you configure your authentication
configuration parameters. The software sends the username, password and other
information to the appliance, which then determines whether the user has
permission to view or change configuration parameters for the appliance in the
OBWI.
Unless otherwise specified, the LDAP default values should be used unless Active
Directory has been reconfigured. Modifying the default values may cause LDAP
authentication server communication errors.
5.1
Configuring LDAP in the user interface
On the LDAP Overview page in the OBWI, you can configure the LDAP
authentication priority and the parameters that define LDAP server connection
information.
LDAP overview parameters
LDAP authentication priority
In the LDAP Priority section of the OBWI, you can disable LDAP, or you can set
the authentication priority by choosing whether local authentication or LDAP
authentication should happen first.
To configure LDAP authentication priority parameters:
1.
Select Appliance - Appliance Settings - User Accounts - LDAP Accounts-
Overview.
2.
Select either LDAP Disabled, LDAP before Local or LDAP after Local for the
LDAP Priority.
3.
Click Save.
590-1058-640A
67