Activating the LDAP Connection

You can activate the LDAP connection to set up a connection to your directory service.

A user with read rights to the directory structure under the base DN under which he is located has been created in your directory service. For standardization reasons, Hornetsecurity is recommended as user name.

Note:

In the Microsoft directory service Active Directory, users are granted the required rights by assigning them to the group RAS and IAS Servers.

  1. Navigate to Service Dashboard > LDAP Connection.
  2. Toggle the switch Activate LDAP connection.

    The form below the switch is enabled for input.

    Figure 1: LDAP Connection Form
  3. Fill out the form as follows:
    • User: User name of an LDAP user with read rights over the directory structure under the base DN. The user can also be entered through his email address or the LDAP path. By default the user name Hornetsecurity must be entered here.
    • Password: Password of the user.
    • Server: IP address or hostname of your directory server.
    • Port: Port of your directory service. The default ports for the different LDAP protocols are:
      • LDAP: Port 389
      • LDAPS: Port 636
      • GC_LDAP: Port 3268
      • GC_LDAPS: Port 3269
    • Base DN: LDAP base distinguished name under which the user can be found. For example: DC=myDomain,DC=tld.
  4. If your directory service is reached via LDAPS (see: Securing the LDAP Connection), toggle the switch LDAPS.
  5. If the attributes of your directory service have different names than in the standard configuration of Microsoft Active Directory, configure the LDAP attributes (see Configuring LDAP Attributes).
  6. Click on Apply changes in the lower window area.

    Your settings are saved.

The LDAP connection to your directory server has been configured.