Configuring Authentication Managing Active Directory/LDAP
ShoreTel Mobility Router Administration Guide 79
Managing Active Directory/LDAP
An Active Directory/LDAP server can be used for authentication. In the case of multiple AD forests,
one LDAP server is used for authentication.
Figure 31: Directory Groups
Defining an Active Directory/LDAP server is optional and depends on the type of authentication to be
used. If adding a Secure LDAP server, refer to “Importing a Certificate Authority” on page 68 for
general information about how to import a Certificate Authority, and to the Best Practice information in
“Secure LDAP Certificate Requirements for Active Directory Domain Controllers” on page 311 for specific
instructions on importing Secure LDAP certificates.
Check Enable Server Certificate verification for SSL and TLS connections to enforce server
certificate validation. This validation applies to all the Active Directory forests configured. Server
certificate validation takes place during the SSL and TLS connection establishment process. Refer to
“Secure LDAP Certificate Requirements for Active Directory Domain Controllers” on page 311 for
more information on server certificates. Click Apply.
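A pre-check an administrator can run before enabling this option, as an added example that is not part of the ShoreTel guide: it performs a TLS handshake with verification on against the directory server's LDAPS port and reports why a certificate would be rejected. The host name dc01.example.com and the file name ca.pem are placeholders, and the script does not reproduce the Mobility Router's own validation logic.

```python
import socket
import ssl
import sys

LDAPS_PORT = 636  # standard LDAP-over-TLS port


def build_context(ca_file=None, verify=True):
    """Build a TLS client context; verify=True mirrors the option being checked."""
    # With ca_file set, only that CA bundle is trusted (not the system store).
    ctx = ssl.create_default_context(cafile=ca_file)
    if not verify:
        # Weak setting, shown for contrast: any certificate is accepted, so
        # the directory server's identity is never confirmed before binding.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    return ctx


def check_ldaps(host, ca_file=None, port=LDAPS_PORT, timeout=5.0):
    """Handshake with verification enforced; return (ok, detail)."""
    ctx = build_context(ca_file, verify=True)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            # server_hostname drives both SNI and the name check on the cert.
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                names = [v for k, v in cert.get("subjectAltName", ())]
                return True, "verified, SAN entries: %s" % (names or "none")
    except ssl.SSLCertVerificationError as exc:
        # Typical causes: issuing CA not imported, expired certificate,
        # or the name used to connect is missing from the certificate.
        return False, "certificate rejected: %s" % exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        return False, "connection failed: %s" % exc


if __name__ == "__main__":
    # Usage (placeholders): python check_ldaps.py dc01.example.com ca.pem
    target = sys.argv[1] if len(sys.argv) > 1 else "dc01.example.com"
    bundle = sys.argv[2] if len(sys.argv) > 2 else None
    ok, detail = check_ldaps(target, bundle)
    print("%s: %s" % (target, detail))
    sys.exit(0 if ok else 1)
```

Run it against each domain controller using the same host name that is configured on the router, since the name check is made against that name.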
Adding a Directory Server Group
To add an Active Directory server:
1. Select Configuration > System > Authentication > Directory.
2. Select Add.
Tip
ShoreTel Directory servers can only be used for Directory Search and not for authentication. Refer to
“Adding a ShoreTel Directory Group” on page 83 for more about the ShoreTel Directory.