Create an LDAPS Profile
- Click Secure Edge > Identity > User Authentication.
  The End User Authentication page is displayed.
- Click the LDAPS tab.
  The LDAPS page is displayed.
- Complete the configurations according to the guidelines below:
Table 1: Fields on the LDAPS profile tab

| Field | Description |
| --- | --- |
| Primary Server | |
| Server address | Enter the IP address of the LDAP authentication server. The server address is a unique IPv4 or IPv6 address that is assigned to a particular LDAP server and used to route information to the server. |
| SSL certificate | The client certificate that the LDAP client uses to establish an LDAP over SSL connection. If you plan to use SSL encryption with your LDAP server, you must import the SSL certificate from the LDAP server. Click Browse, select the SSL certificate, and click Open. |
| Port number | Specify the port on the LDAP server to which the LDAP client can connect. |
| Secondary Server | (Optional) Click the toggle button to enable the secondary server. |
| Server address | Enter the IP address of the secondary LDAP authentication server. The server address is a unique IPv4 or IPv6 address that is assigned to a particular LDAP server and used to route information to the server. |
| SSL certificate | The client certificate that the LDAP client uses to establish an LDAP over SSL connection. If you plan to use SSL encryption with your secondary LDAP server, you must import the SSL certificate from the LDAP server. Click Browse, select the SSL certificate, and click Open. |
| Port number | Specify the port on the secondary LDAP server to which the LDAP client can connect. |
| Test LDAP Servers Connection | Click Test LDAP Servers Connection to check if the connection is established. |
| LDAP Authentication | |
| Base domain name | Enter the distinguished name (DN) of the search base (LDAP base), which specifies the base of the user directory. Every entry in the directory has a DN, which is the name that uniquely identifies the entry in the directory. |
| Bind domain name | Enter the distinguished name of the proxy account that the LDAP client uses to bind to the LDAP server. |
| Bind password | Enter the credentials of the LDAP client to bind with the LDAP server. Configure the public key password. Click Test Authentication to check if the credentials are bound for authentication. |
| User Options | |
| User attribute | Enter the username attribute that is used for comparing user entries. The username attribute has permissions to access the LDAP server. |
| User filter | Enter a value to use for the search parameter filter in LDAP. |
- Click Save.
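
The values in Table 1 can be checked before they are typed into the profile. The following Python pre-flight check is an added example, not Juniper code: the dictionary keys, the function names, and the way the user filter and user attribute are combined into one search filter are assumptions, because the page does not state how the product builds its query.

```python
import ipaddress
import re

# RFC 4515: characters that must be escaped inside a filter value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
# Simplified RDN shape "attr=value" (escaped commas are not handled here).
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=]+$")

def escape_filter_value(value):
    """Escape a login name so filter metacharacters are treated as literals."""
    return "".join(_ESC.get(ch, ch) for ch in value)

def is_simple_dn(dn):
    """True if dn looks like 'attr=value,attr=value,...'."""
    return bool(dn.strip()) and all(_RDN.match(p.strip()) for p in dn.split(","))

def check_profile(profile):
    """Return a list of problems found in a (hypothetical) profile dict."""
    problems = []
    try:
        ipaddress.ip_address(profile["server_address"])
    except ValueError:
        problems.append("server_address is not an IPv4 or IPv6 address")
    if not 1 <= profile["port"] <= 65535:
        problems.append("port is out of range")
    elif profile["port"] == 389:
        problems.append("389 is the standard LDAP port; LDAPS conventionally uses 636")
    for key in ("base_dn", "bind_dn"):
        if not is_simple_dn(profile[key]):
            problems.append(key + " is not a well-formed DN")
    if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", profile["user_attribute"]):
        problems.append("user_attribute is not a valid attribute name")
    return problems

def build_user_search_filter(profile, username):
    """Combine the user filter and user attribute (assumed AND composition)."""
    match = "(%s=%s)" % (profile["user_attribute"], escape_filter_value(username))
    extra = profile.get("user_filter", "").strip()
    if not extra:
        return match
    if not extra.startswith("("):
        extra = "(" + extra + ")"
    return "(&" + extra + match + ")"

# Constructed sample values, not taken from any real deployment.
SAMPLE = {"server_address": "192.0.2.10", "port": 636,
          "base_dn": "ou=people,dc=example,dc=com",
          "bind_dn": "cn=svc-ldap,ou=service,dc=example,dc=com",
          "user_attribute": "uid", "user_filter": "(objectClass=person)"}
```

An empty list from `check_profile(SAMPLE)` means the values are syntactically plausible; it does not replace Test LDAP Servers Connection or Test Authentication, which exercise the live server.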