Digi IX30 User Manual page 740

User authentication
b. For Hostname, type the hostname or IP address of the LDAP server.
c. (Optional) Change the default Port setting to the appropriate port. Normally this should
be left at the default setting of port 389 for non-TLS and 636 for TLS.
d. (Optional) Click  again to add additional LDAP servers.
5. (Optional) Enable Authoritative to prevent other authentication methods from being
attempted if LDAP login fails.
6. For TLS connection, select the type of TLS connection used by the server:
Disable TLS: Uses a non-secure TCP connection on the LDAP standard port, 389.
n
Enable TLS: Uses an SSL/TLS encrypted connection on port 636.
n
Start TLS: Makes a non-secure TCP connection to the LDAP server on port 389, then
n
sends a request to upgrade the connection to a secure TLS connection. This is the
preferred method for LDAP.
7. If Enable TLS or Start TLS are selected for TLS connection:
Leave Verify server certificate at the default setting of enabled to verify the server
n
certificate with a known Certificate Authority.
Disable Verify server certificate if the server is using a self-signed certificate.
n
8. (Optional) For Server login, type a distinguished name (DN) that is used to bind to the LDAP
server and search for users, for example cn=user,dc=example,dc=com. Leave this field blank
if the server allows anonymous connections.
9. (Optional) For Server password, type the password used to log into the LDAP server. Leave
this field blank if the server allows anonymous connections.
10. For User search base, type the distinguished name (DN) on the server to search for users. This
can be the root of the directory tree (for example, dc=example,dc=com) or a sub-tree (for
example. ou=People,dc=example,dc=com).
11. For Login attribute, enter the user attribute containing the login of the authenticated user. For
example, in the
the user will be denied access.
12. (Optional) For Group attribute, type the name of the user attribute that contains the list of
IX30 authentication groups that the authenticated user has access to. See
configuration
13. For Timeout, type or select the amount of time in seconds to wait for the LDAP server to
respond. Allowed value is between 3 and 60 seconds.
14. Add LDAP to the authentication methods:
a. Click Authentication > Methods.
b. For Add method, click .
IX30 User Guide
LDAP user configuration, the login attribute is uid. If this attribute is not set,
for further information about the group attribute.
LDAP
LDAP user
740