-
Fill in all the necessary data and settings.
-
Press Save button to cave changes.
Form items explanation:
|
Name |
Basic Description |
Default Value |
Advanced Description |
|---|---|---|---|
|
Id |
LDAP Connection ID |
dev.local |
Unique LDAP connection ID |
|
URL |
LDAP Connection url (ldap://[hostname/ip]:[port] or ldaps://[hostname/ip]:[port]) |
ldaps://10.79.5.196:636 |
URL to reach LDAP server. Multiple urls can be added separated by a space. The pool of connections will be initialised in a Round Robin manner using the configs. |
|
Base DN |
A distinguished name (DN) that identifies the starting point of a search |
DC=dev,DC=local |
Base DN for LDAP bind. Search starts in this OU. |
|
Username |
LDAP Server credentials username |
ldap_bind_dev1@dev.local |
username used for LDAP authentication |
|
Password |
LDAP Server credentials password |
<password> |
password used for LDAP authentication |
|
Additional Filters |
Filter query to be used on user filtering |
|
additional filter to reduce search results - typically based on objectClass. This needs to be written with LDAP syntax. e.g. (!(objectclass=foreignSecurityPrincipal)) |
|
Connect Timeout (ms) |
Connection timeout in miliseconds |
5000 |
|
|
Read Timeout (ms) |
Read timeout in miliseconds |
5001 |
|
|
Domain Pattern |
|
dev.local |
Domain pattern used in a search query.
|
|
Query nested groups |
Active Directory specific flag indicating if the list of user groups will be computed by flattening the hierarchical tree |
OFF |
In case of complex group hierarchy slows down queries. Recommend to switch off. |
|
Has groups with foreign users |
|
ON |
When set, groups from non-local (foreign) domains will be also included. |
|
Draft connection |
Flag that indicates if the connection should be disabled |
OFF |
Draft connection means not used (disabled). |
|
Accept all certificates (not recommended) |
Disables certificate verification during SSL/TLS handshake, ignoring expired or not trusted certificates |
OFF |
Not recommended - significantly reduce security. |
|
Disable hostname verification (not recommended) |
Disables hostname verification during SSL/TLS handshake |
OFF |
Not recommended - significantly reduce security. Certificate must contain DNS name used in URL parameter. Must be switched on in case of IP address used in URL. |