Configuring LDAP DNs (Base Paths) per LDAP Server
The LDAP Search DN table lets you configure LDAP base paths. The table is a "child" of the LDAP Servers table (see Configuring LDAP Servers) and configuration is done per LDAP server. For the device to run a search using the LDAP service, the base path to the directory’s subtree, referred to as the distinguished name object (or DN), where the search is to be done must be configured. For each LDAP server, you can configure up to three base paths.
The following procedure describes how to configure DNs per LDAP server through the Web interface. You can also configure it through ini file [LdapServersSearchDNs] or CLI (configure system > ldap-configuration > ldap-servers-search-dns).
| ➢ | To configure an LDAP base path per LDAP server: |
| 1. | Open the LDAP Servers table (Setup menu > IP Network tab > AAA Servers folder > LDAP Servers). |
| 2. | In the table, select the row of the LDAP server for which you want to configure DN base paths, and then click the LDAP Servers Search Based DNs link located below the table; the LDAP Server Search Base DN table opens. |
| 3. | Click New; the following dialog box appears: |
| 4. | Configure an LDAP DN base path according to the parameters described in the table below. |
| 5. | Click Apply, and then save your settings to flash memory. |
LDAP Server Search Base DN Table Parameter Descriptions
|
Parameter |
Description |
|---|---|
|
'Index' set internal-index [Index] |
Defines an index number for the new table row. Note: Each row must be configured with a unique index. |
|
'Base DN' set base-path [Base_Path] |
Defines the full path (DN) to the objects in the AD where the query is done. The valid value is a string of up to 256 characters. For example: OU=NY,DC=OCSR2,DC=local. In this example, the DN path is defined by the LDAP names, OU (organizational unit) and DC (domain component). |