D-Link DFL-1660 User Manual page 399
Network security firewall
Hide thumbs
Also See for DFL-1660:
- User manual (483 pages) ,
- Installation manual (45 pages) ,
- Reference manual (948 pages)
Table of Contents
Advertisement
8.2.4. External LDAP Servers
•
Administrator Account
The LDAP server will require that the user establishing a connection to do a search has
administrator privileges. The Administration Account specifies the administrator username. This
username may be requested by the server in a special format in the same way as described
previously with Use Domain Name.
•
Password/Confirm Password
The password for the administrator account which was specified above.
•
Domain Name
The Domain Name is used when formatting usernames. This is the first part of the full domain
name. In our examples above, the Domain Name is myldapserver. The full domain name is a dot
separated set of labels, for example, myldapserver.local.eu.com.
This option is only available if the Server Type is NOT set to Other.
This option can be left empty but is required if the LDAP server requires the domain name when
performing a bind request.
Optional Settings
There is one optional setting:
•
Password Attribute
The password attribute specifies the ID of the tuple on the LDAP server that contains the user's
password. The default ID is userPassword.
This option should be left empty unless the LDAP server is being used to authenticate users
connecting via PPP with CHAP, MS-CHAPv1 or MS-CHAPv2.
When it is used, it determines the ID of the data field in the LDAP server database which
contains the user password in plain text. The LDAP server administrator must make sure that
this field actually does contain the password. This is explained in greater detail later.
Bind Request Authentication
LDAP server authentication is automatically configured to work using LDAP Bind Request
Authentication. This means that authentication succeeds if successful connection is made to the
LDAP server. Individual clients are not distinguished from one another.
LDAP server referrals should not occur with bind request authentication but if they do, the server
sending the referral will be regarded as not having responded.
LDAP Server Responses
When an LDAP server is queried by NetDefendOS with a user authentication request, the following
are the possible outcomes:
•
The server replies with a positive response and the user is authenticated.
Clients using PPP with CHAP, MS-CHAPv1 or MS-CHAPv2 is a special case and
authentication is actually done by NetDefendOS, as discussed later.
•
The server replies with a negative response and the user is not authenticated.
399
Chapter 8. User Authentication
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
