ShoreTel Mobility Router Administration Guide
Configuring Authentication: Adding a Directory Server Group
3. Select an Interface. By default, the IP address associated with the primary interface is chosen.
This interface is used by the Mobility Router for communicating with the UC server.
4. Type the IP address for the Primary Active Directory/LDAP server. Use the server's FQDN if you
plan to enforce Secure LDAP server certificate verification.
5. Type the IP address for the Secondary Active Directory/LDAP server, if available.
6. Type the IP address for the Tertiary Active Directory/LDAP server, if available.
7. In the LDAP Port field, use port number 389 or enter another appropriate port number.
8. In the Bind DN field, type the Bind DN in full distinguished name format for the Active
Directory/LDAP server. For example:
   cn=user,CN=Users,DC=domainname,DC=com
9. In the Bind DN Password field, enter the Bind DN password used to bind to the LDAP
directory for write access. This password must be available for the Mobility Router to make an
authentication request.
10. In the Base DN field, type the Base DN in distinguished name format. For example:
   CN=Users,DC=domainname,DC=com
11. In the User ID Attribute Name field, type the LDAP attribute name used for User ID.
For an Active Directory server, the Mobility Router default User ID Attribute Name is
sAMAccountName.
12. Check Referrals to support receiving a referral request from the Active Directory server. A
referral provides information for redirecting the Mobility Router to another Active Directory server.
13. In the Bind Timeout field, use the default timeout number 5 or enter another appropriate timeout
value.
14. In the Security Type dropdown menu:
   a. Select None to use the plain text LDAP communication protocol between the Mobility Router
   and the Active Directory server. The user's credential is transmitted in plain text.
   b. Select SSL for a secure session over secure LDAP (ldaps URL at port 636) using SSLv3.
   c. Select TLS for a secure session using the STARTTLS method over the standard ldap URL and
   port 389. STARTTLS is an extension to plain text communication protocols that offers a way
   to upgrade a plain text connection to an encrypted TLS connection, instead of using a
   separate port for encrypted communication. For more information, refer to STARTTLS for
   LDAP in RFC 2830.
15. Use the default Secure LDAP Port value, or enter an appropriate port number if your server uses
a different port.
Note
This option is only configurable when used in conjunction with ShoreTel Connect.
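
Before selecting TLS in step 14, the directory server's STARTTLS support and certificate can be checked from an administrative workstation. The following Python code is an added example, not part of the ShoreTel guide or product: it sends the RFC 2830 StartTLS request on port 389, reads the result code, and completes a TLS handshake that verifies the certificate against the FQDN entered in step 4. The function names, the `cafile` parameter, the 5-second timeout unit and the sample response bytes are assumptions made for this illustration.

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 2830)

def starttls_request(msg_id: int = 1) -> bytes:
    """BER-encode an LDAPMessage carrying the StartTLS ExtendedRequest (msg_id < 128)."""
    name = bytes([0x80, len(STARTTLS_OID)]) + STARTTLS_OID  # requestName [0]
    op = bytes([0x77, len(name)]) + name                    # [APPLICATION 23] ExtendedRequest
    body = bytes([0x02, 0x01, msg_id]) + op                 # messageID INTEGER + protocolOp
    return bytes([0x30, len(body)]) + body                  # LDAPMessage SEQUENCE

def read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the BER TLV at pos (short or long length form)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def starttls_result(resp: bytes) -> int:
    """Return the resultCode of an ExtendedResponse; 0 means the server will start TLS."""
    _, msg, _ = read_tlv(resp, 0)        # LDAPMessage SEQUENCE
    _, _, pos = read_tlv(msg, 0)         # messageID
    tag, op, _ = read_tlv(msg, pos)      # protocolOp
    if tag != 0x78:                      # [APPLICATION 24] ExtendedResponse
        raise ValueError(f"unexpected protocolOp tag 0x{tag:02x}")
    _, code, _ = read_tlv(op, 0)         # resultCode ENUMERATED
    return int.from_bytes(code, "big")

def probe(fqdn: str, port: int = 389, timeout: float = 5.0, cafile=None) -> str:
    """Upgrade a plain LDAP connection with STARTTLS and verify the certificate for fqdn."""
    ctx = ssl.create_default_context(cafile=cafile)  # checks chain and hostname
    with socket.create_connection((fqdn, port), timeout=timeout) as sock:
        sock.sendall(starttls_request())
        code = starttls_result(sock.recv(4096))
        if code != 0:
            raise ConnectionError(f"server refused StartTLS, resultCode={code}")
        with ctx.wrap_socket(sock, server_hostname=fqdn) as tls:
            return tls.version()         # negotiated protocol, e.g. "TLSv1.2"

# Constructed sample: a successful ExtendedResponse (resultCode 0, empty strings).
SAMPLE_OK = bytes.fromhex("300c02010178070a010004000400")

if __name__ == "__main__":
    print(starttls_request().hex(), starttls_result(SAMPLE_OK))
```

Calling `probe()` with an IP address instead of the FQDN fails hostname verification unless the certificate lists that address, which is the reason step 4 asks for the FQDN when certificate verification is enforced. Pass the issuing CA's PEM file as `cafile` when the directory server's certificate comes from an internal CA.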