Configuring integration with an external directory service using the LDAP protocol
To configure integration with an external directory service using the LDAP protocol:
- Select the Settings tab in the main window of the application's web interface.
- Select the LDAP settings subtab by clicking the LDAP link.
- Open the Connection and authentication settings window by clicking the External directory service link. The link is located in the Service type settings group.
- In the External directory service settings group, select one of the following options:
- Not in use, if you do not want to use an external directory service.
- Generic LDAP, if you want to use a standard implementation of the LDAP protocol.
- Active Directory®, if you want to use the LDAP-compatible implementation of a Microsoft external directory service.
- User directory service, if you want to use a custom implementation of the external directory service.
- If you selected the Generic LDAP or Active Directory option at Step 4, specify the connection and authentication settings as well as the settings of the search for users and groups in the external directory service.
To specify the connection and authentication settings:
- Click any link in the Connection and authentication settings section to open the Connection and authentication settings window.
- In the Connection and authentication settings window, go to the Server settings section and specify the settings of the connection to an external directory service:
- In the Server field, enter the name or IP address of the server that is hosting the openLDAP or Active Directory service.
- In the Port field, enter the port number for connecting to the server that is hosting the openLDAP or Active Directory service.
- In the Connection type drop-down list, select the type of connection to Active Directory or the server hosting the openLDAP service: TLS, LDAP via SSL or without encryption.
- In the Connection and authentication settings window, go to the Authentication settings section and specify the authentication settings to be used during connection to Active Directory or the server hosting the openLDAP service:
- In the User name field, enter the administrator's account.
- In the Password, field enter the administrator's password.
- In the Connection and authentication settings window, go to the Search settings section and specify the controllers of domains in which the accounts will be searched.
- In the Connection and authentication settings window, click the Check button to test the connection to Active Directory or the server hosting the openLDAP service.
If the connection is successful, the following text should appear on the right of the Check button: Connection established .
If the connection has failed, check to make sure that the settings are correct.
- In the Connection and authentication settings window, click the Apply button.
- To specify a filter for communicating with Active Directory or the server hosting the openLDAP service:
- Click any link in the LDAP filter settings section to open the LDAP filter settings window.
- In the LDAP filter settings window, in the User authentication field specify the filter to be used during user authorization (for example, for accessing the user's messages in Backup).
- In the User and group search entry field, specify the filter to be used when searching for a user or group of users.
- In the Fetch users' DNs and their groups, specify the filter to be used when searching for users or groups to which such users belong based on their email address.
- If necessary, in the Fetch groups by user's DN entry field enter the filter to be used when searching for all users belonging to the specified group. This filter is used when the user group could not be determined using the filter specified in the Fetch users' DNs and their groups field.
- If necessary, select the Use recursive search check box to search all higher-level groups to which the user or user group belongs. By default, the search of higher-level groups is not performed.
- Click the Apply button.
|