Digi IX20W-PR User Manual page 911

User authentication
c. (Optional) Change the default Port setting to the appropriate port. Normally this should be
left at the default setting of port 389 for non-TLS and 636 for TLS.
d. (Optional) Click  again to add additional LDAP servers.
5. (Optional) Enable Authoritative to prevent other authentication methods from being
attempted if LDAP login fails.
6. For TLS connection, select the type of TLS connection used by the server:
n Disable TLS: Uses a non-secure TCP connection on the LDAP standard port, 389.
n Enable TLS: Uses an SSL/TLS encrypted connection on port 636.
n Start TLS: Makes a non-secure TCP connection to the LDAP server on port 389, then
sends a request to upgrade the connection to a secure TLS connection. This is the
preferred method for LDAP.
7. If Enable TLS or Start TLS are selected for TLS connection:
Leave Verify server certificate at the default setting of enabled to verify the server
n
certificate with a known Certificate Authority.
Disable Verify server certificate if the server is using a self-signed certificate.
n
8. (Optional) For Server login, type a distinguished name (DN) that is used to bind to the LDAP
server and search for users, for example cn=user,dc=example,dc=com. Leave this field blank
if the server allows anonymous connections.
9. (Optional) For Server password, type the password used to log into the LDAP server. Leave
this field blank if the server allows anonymous connections.
10. For User search base, type the distinguished name (DN) on the server to search for users. This
can be the root of the directory tree (for example, dc=example,dc=com) or a sub-tree (for
example. ou=People,dc=example,dc=com).
11. For Login attribute, enter the user attribute containing the login of the authenticated user.
For example, in the
set, the user will be denied access.
12. (Optional) For Group attribute, type the name of the user attribute that contains the list of
IX20 authentication groups that the authenticated user has access to. See
configuration
13. For Timeout, type or select the amount of time in seconds to wait for the LDAP server to
respond. Allowed value is between 3 and 60 seconds.
14. Add LDAP to the authentication methods:
a. Click Authentication > Methods.
b. For Add method, click .
IX20 User Guide
LDAP user configuration, the login attribute is uid. If this attribute is not
for further information about the group attribute.
LDAP
LDAP user
911