Raritan Computer KX2-416 Network Router User Manual


 
CHAPTER 8: USER MANAGEMENT 85
Implementing LDAP Remote Authentication
Lightweight Directory Access Protocol (LDAP) is a networking protocol for querying and
modifying directory services running over TCP/IP. A client starts an LDAP session by connecting
to an LDAP server (the default TCP port is 389). The client then sends operation requests to the
server, and the server sends responses in turn.
Reminder: Microsoft Active Directory functions natively as an LDAP authentication server.
To use the LDAP authentication protocol, input the following information:
Figure 53: Authentication Settings (LDAP)
1. Type the IP Address or DNS name of your LDAP remote authentication server in the
Primary LDAP Server field. When the Enable Secure LDAP option is checked, the DNS
name must be used.
2. (Optional) Type the IP Address or DNS name of your backup LDAP server in the Secondary
LDAP Server field. When the Enable Secure LDAP option is checked, the DNS name must
be used. Please note that the remaining fields share the same settings with the Primary
LDAP Server field.
3. Type the server secret (password) required to authenticate against your remote authentication
server in the Secret Phrase field and again in the Confirm Secret Phrase field.
4. Check the Enable Secure LDAP checkbox if you would like to use SSL; the Secure LDAP
Port field is enabled. Secure Sockets Layer (SSL) is a cryptographic protocol which allows
Dominion KX II to communicate securely with the LDAP server.
5. The default Port is 389. Either use the standard LDAP TCP port or specify another port.
6. The default Secure LDAP Port is 636. Either use the default port or specify another port.
This field is enabled when the Enable Secure LDAP box is checked.
7. Certificate File. Consult your authentication server administrator to get the CA certificate
file in Base64 encoded X-509 format for the LDAP server. Use the Browse button to
navigate to the certificate file. This field is enabled when the Enable Secure LDAP option is
checked.