User's Manual
166 Using the CMC Web Interface
Table 5-45. Common Settings
Setting Description
Generic LDAP
Enabled
Enables the generic LDAP service on the CMC. See the
CMC User Guide for details on LDAP.
Use Distinguished
Name to Search
Group Membership
Specifies the distinguished name (DN) of LDAP groups
whose members are allowed access to the device.
Enable SSL
Certificate Validation
If checked, CMC uses the CA certificate to validate the
LDAP server certificate during SSL handshake.
Bind DN Specifies the distinguished name of a user used to bind to the
server when searching for the login user's DN. If not provided
an anonymous bind is used.
Password A bind password to use in conjunction with the bind DN.
NOTE: The bind password is sensitive data, and must be properly
protected.
Base DN to Search The DN of the branch of the directory where all searches
must start from.
Attribute of User
Login
Specifies the attribute to search for. If not configured, the
default is to use uid. It is recommended to be unique within
the chosen base DN, otherwise a search filter must be
configured to ensure the uniqueness of the login user.If the
user DN cannot be uniquely identified by searching the
combination of attribute and search filter, login fails with an
error.
Attribute of Group
Membership
Specifies the LDAP attribute that is used to check for group
membership. This must be an attribute of the group class. If
not specified, the member and unique member attributes are
used.
Search Filter Specifies a valid LDAP search filter. This is used if the user
attribute cannot uniquely identify the login user within the
chosen base DN. If not provided, defaults to (objectClass=
*), which searches for all objects in the tree. The maximum
length of this property is 1024 characters.