Filter
Top Products
20 C5619M (8/12)
LDAP Setup
The system manager can connect to and validate user credentials from an Lightweight Directory Access Protocol (LDAP) server allowing for the
integration of the Endura network with single sign-on services. The system manager supports LDAP for Microsoft Active Directory.
The system manager supports the two most common methods for LDAP authentication: simple (single bind) and two-stage bind with a
service account.
Simple (single-bind) authentication associates a user name and password with a distinguished name (DN) to validate user credentials.
The two-stage bind authentication method uses a service DN and a service DN password to establish the initial bind with the LDAP server. Upon
a successful initial bind, a search is performed using the base DN, the first key from the Search Attributes field, and the user name. If the user’s
information is found, the second bind is performed using the DN to authenticate user credentials.
NOTES:
• The system manager can connect to the LDAP server over the primary network interface or the secondary network interface if the LDAP
server resides on the same subnet as the secondary network interface.
• You must disable password expiration from the WS5200 application before enabling LDAP.
• If LDAP is enabled and you need to change the password for the admin user, you must do so through the Web Configuration Application.
• A User Name must exist in both the LDAP directory and Endura users list for successful user validation; in an LDAP validated system, user
permissions are still managed from the Endura network. Refer to your WS5200 software manual for more information about configuring
users, roles, and permissions.
• This guide provides instructions for configuring simple or two-stage bind LDAP authentication schemes; however, the system manager may
support additional LDAP authentication schemes.
Click the LDAP tab to access your system manager’s LDAP settings.
Figure 10. LDAP Settings Tab