User Guide
372
IRONPORT ASYNCOS 6.3 FOR WEB USER GUIDE
User Authentication Enter values for the following fields:
Base Distinguished Name (Base DN)
The LDAP database is a tree-type directory structure and the
appliance uses the Base DN to navigate to the correct location in the
LDAP directory tree to begin a search. A valid Base DN filter string is
composed of one or more components of the form
object-value. For example dc=companyname, dc=com.
User Name Attribute
Choose one of the following values:
• uid, cn, and sAMAccountName. Unique identifiers in the LDAP
directory that specify a username.
• custom. A custom identifier such as
UserAccount.
User Filter Query
The User Filter Query is an LDAP search filter that locates the users
Base DN. This is required if the user directory is in a hierarchy below
the Base DN, or if the login name is not included in the user-specific
component of that users Base DN.
Choose one of the following values:
• none. Filters any user.
• custom. Filters a particular group of users.
Query Credentials Choose whether or not the authentication server accepts anonymous
queries.
If the authentication server does accept anonymous queries, choose
Server Accepts Anonymous Queries.
If the authentication server does not accept anonymous queries,
choose Use Bind DN and then enter the following information:
• Bind DN. The user on the external LDAP server permitted to
search the LDAP directory. Typically, the bind DN should be
permitted to search the entire directory.
• Password. The password associated with the user you enter in the
Bind DN field.
The following text lists some example users for the Bind DN field:
cn=administrator,cn=Users,dc=domain,dc=com
sAMAccountName=jdoe,cn=Users,dc=domain,dc=com.
If the Active Directory server is used as an LDAP server, you may also
enter the Bind DN username as “DOMAIN\username.”
Table 16-12 LDAP Authentication Settings (Continued)
Setting Description