LEGRAND Server Technology PRO3X User Manual page 200

If the external authentication fails, an "Authentication failed" message is displayed. Details regarding
the authentication failure are available in the event log.
You must have the "Change Authentication Settings" permission to configure or modify the
authentication settings.
Adding LDAP/LDAPS Servers
To use LDAP authentication, enable it in the Device Settings > Authentication page, and enter the
information about the LDAP server in the LDAP page.
Note: If the PRO3X clock and the LDAP server clock are out of sync, the installed TLS certificates, if any,
may be considered expired. To ensure proper synchronization, administrators should configure the
PRO3X and the LDAP server to use the same NTP server(s).
▶
To add LDAP/LDAPS servers:
1) Choose Device Settings > Security > LDAP.
2) Click New.
3) Enter information.
Field/setting
IP address /
hostname
Copy settings from
existing LDAP
server
Type of LDAP
server
Security
Port (None/
StartTLS)
Port (TLS)
200
Description
The IP address or hostname of your LDAP/LDAPS server.
• • Without the encryption enabled, you can type either the domain name or IP address
in this field, but you must type the fully qualified domain name if the encryption is
enabled.
This checkbox appears only when there are existing AA server settings on the PRO3X. To
duplicate any existing AA server's settings, refer to the duplicating procedure below.
Choose one of the following options:
• •
OpenLDAP
• •
Microsoft Active Directory.
Determine whether you would like to use Transport Layer Security (TLS) encryption, which
allows the PRO3X to communicate securely with the LDAPS server.
Three options are available:
• •
StartTLS
• •
TLS
• •
None
• •
The default Port is 389. Either use the standard LDAP TCP port or specify another port.
Configurable only when "TLS" is selected in the Security field.
The default is 636. Either use the default port or specify another one.