Table of Contents
Advertisement
Group Configuration for LDAP Authentication Domains
Note The Microsoft Active Directory database uses an LDAP organization schema. The Active
Directory database may be queried using Kerberos authentication (the standard
authentication type; this is labeled "Active Directory" domain authentication in the Dell
SonicWALL SRA management interface), NTLM authentication (labeled NT Domain
authentication in the SRA management interface), or using LDAP database queries. An
LDAP domain configured in the SRA management interface can authenticate to an Active
Directory server.
LDAP (Lightweight Directory Access Protocol) is a standard for querying and updating a
directory. Since LDAP supports a multilevel hierarchy (for example, groups or organizational
units), the SRA appliance can query this information and provide specific group policies or
bookmarks based on LDAP attributes. By configuring LDAP attributes, the SRA appliance
administrator can leverage the groups that have already been configured in an LDAP or Active
Directory database, rather than needing to manually recreate the same groups in the SRA
appliance.
Once an LDAP authentication domain is created, a default LDAP group will be created with the
same name as the LDAP domain name. Although additional groups may be added or deleted
from this domain, the default LDAP group may not be deleted. If the user for which you created
LDAP attributes enters the Virtual Office home page, the bookmark you created for the group
the user is in will display in the Bookmarks Table.
For an LDAP group, you may define LDAP attributes. For example, you can specify that users
in an LDAP group must be members of a certain group or organizational unit defined on the
LDAP server. Or you can specify a unique LDAP distinguished name.
Users Configuration | 329
Hide quick links:
Advertisement
Chapters
Table of Contents
