Specifications

Configuring LDAP
LDAP configuration is divided into five distinct areas (tabs). The first of these is the Configuration tab.
Hostname: Hostname of the server hosting the LDAP service.
Port: Listening port of the LDAP service. By convention this is 389 for plain LDAP and 636 for LDAP over SSL/TLS.
Protocol: Transport used to reach the LDAP service. Options are ‘SSL’ (LDAP over SSL/TLS, encrypted) or
‘plain’ (unencrypted). With ‘plain’, everything the appliance sends, including a ‘simple’ bind
password and the directory data returned, crosses the network in cleartext.
Base DN of LDAP server: The ‘base DN’ represents the location where you want to start
LDAP queries within the namespace. This may be the root of the LDAP directory tree or a
specific branch. Choosing the narrowest branch that contains your users and roles limits what
the appliance can enumerate.
Service Account Authentication: The LDAP bind method used to access the directory. The
‘simple’ method binds with the Service Account DN and password; the password is carried
in the bind request as-is, so ‘simple’ should only be combined with the ‘SSL’ protocol.
‘anonymous’ connects to the directory without credentials, which only works if the directory
permits anonymous binds and exposes the needed user and role attributes to them.
‘MD5-Digest’ uses SASL DIGEST-MD5 challenge/response authentication, so the password itself is
never transmitted, only an MD5-based digest of it. Note that DIGEST-MD5 is an obsolete mechanism
(RFC 6331) and on its own does not encrypt the rest of the session, so it is not a substitute for ‘SSL’.
Service Account DN: The ‘distinguished name’ that identifies the Service Account User. This
account only needs read access to the user and role entries; do not use a directory administrator.
Service Account Password: The associated user password.
The next tab, OU Filter, is optional. It allows specific organizational units to be included in or
excluded from the accounts and roles the appliance lists.
Create Role Organizational Unit: The OU where new roles will be created.
Create User Organizational Unit: The OU where new users will be created.
Include Organizational Unit Filter: Add any OUs that should be used when listing
accounts and roles. Only the accounts residing in the OUs you specify will be shown. For
further details refer to the section titled, Organizational Unit Filter.
Exclude Organizational Unit Filter: Add any OUs that should not be used in the listing of
accounts and roles.
The next tab is the User Schema tab, which provides the schema information the appliance uses to
locate the correct user class and its attributes at run time.
User class: The LDAP object class used to represent a user (the value matched against objectClass).
Username attribute: ‘Username’ attribute from the User class, if one exists.
Fullname attribute: ‘Fullname’ attribute from the User class, if one exists.
Email attribute: ‘Email’ attribute from the User class, if one exists.
Home directory attribute: ‘Home directory’ attribute from the User class, if one exists.
Role membership attribute: ‘Role membership’ attribute from the User class, if one exists.
Role membership contain DNs?: Check this box if the values of the ‘role membership’ attribute
are distinguished names of role entries elsewhere in the directory (values of the form
cn=...,ou=...,dc=...), so that the appliance resolves each DN to the role it refers to. Leave it
unchecked if the attribute holds the role name itself as a plain value.
LDAP Class Objects
The Barracuda SSL VPN needs to understand which User and Role classes are in use by the given
LDAP installation. Since each installation can use a different type of schema, this information
makes the appliance compatible with a larger number of LDAP installations.