Specifications
Configuring Authentication Adding a Directory Server Group
8
ShoreTel Mobility Router Administration Guide 88
8. You have the option to perform a Query or Verify across all enabled forests. Refer to “Directory
Query” on page 266 for more information about directory query searches.
9. The first forest configured is the authenticated active directory forest, by default. If appropriate,
select Make Auth to make a different forest the authenticated active directory forest. All other
servers have directory search capability.
10. Click Enable to enable directory search capability on any forest. The Directory Search Enable
box highlights green to indicate it is enabled. Click Disable to disable directory search
capability.Select Verify to verify the server configuration is correct.
11. Check Enable Server Certificate verification for SSL and TLS connections to enforce the
server certificate validation. This validation applies to all the active directory forests configured.
Server certification validation takes place during the SSL and TLS connection establishment
process. Refer to “Secure LDAP Certificate Requirements for Active Directory Domain Controllers”
on page 311 for more information on server certificates.
12. Refer to section “Viewing or Changing Advanced Settings for the Active Directory Authentication
Server” on page 82 for information on the Advanced tab.
Tip
Only one forest can be the authenticated active directory forest. Any additional forests are used for
directory search only. The search for Retrieve All Groups or Retrieve All Groups of Selected User is
performed on the authenticated active directory forest. Refer to External Group Authorization in
“Configuring General Settings” on page 177 for details.
Note
Each forest’s directory search capability can be enabled or disabled, and each forest’s configuration
can be modified or deleted.