User guide
Chapter 5: Users, Groups, and Access Permissions
65
2. (Optional)TypetheIPAddressorDNSnameofyourbackupLDAP
serverintheSecondaryLDAPServerfield.WhentheEnableSecure
LDAPoptionisselected,theDNSnamemustbeused.Pleasenote
thattheremainingfieldssharethesamesettingswiththePrimary
LDAPServerfield.
3. Typetheserv
ersecret(password)requiredtoauthenticateagainst
yourremoteauthenticationserverintheSecretPhrasefieldand
againintheConfirmSecretPhrasefield.Donotchangetheexisting
schema.UsethestringinuseontheLDAPserver.
4. SelecttheEnableSecureLDAPcheckboxifyouwouldlik
etouse
SSL;theSecureLDAPPortfieldisenabled.SecureSocketsLayer
(SSL)isacryptographicprotocolwhichallowsKXII‐101to
communicatesecurelywiththeLDAPserver.
5. ThedefaultPortis389.EitherusethestandardLDAPTCPportor
specifyanotherport.
6. ThedefaultSecu
reLDAPPortis636.Eitherusethedefaultportor
specifyanotherport.ThisfieldisenabledwhentheEnableSecure
LDAPcheckboxisselected.
7. CertificateFile.Consultyourauthenticationserveradministratorto
gettheCAcertificatefileinBase64encodedX‐509formatforthe
LDAPserver.UsetheBro
wsebuttontonavigatetothecertificate
file.ThisfieldisenabledwhentheEnableSecureLDAPoptionis
checked.
8. DNofadministrativeUser.DistinguishedNameofadministrative
user;consultyourauthenticationserveradministratorforthe
appropriatevaluestotypeintothisfield.AnexampleDNof
adm
inistrativeUservaluemightbe:
“cn=Administrator,cn=Users,dc=testradius,dc=com”.
9. UserSearchDN.Thisdescribesthenameyouwanttobindagainst
theLDAP,andwhereinthedatabasetobeginsearchingforthe
specifiedBaseDN.AnexampleBaseSearchvaluemightbe:
“cn=Users,dc=raritan,dc=com”.Consultyourauthenticationserver
administratorfortheappropriatevaluestoenterint
othesefields.
10. TypeofexternalLDAPserver.Choosefromamongtheoptions
available:
GenericLDAPServer.
MicrosoftActiveDirectory.ActiveDirectoryisan
implementationofLDAPdirectoryservicesbyMicrosoftforuse
inWindowsenvironments.