- To configure LDAP authentication by using the configuration utility
- Determining Attributes in Your LDAP Directory
- Configuring LDAP Group Extraction
- Configuring LDAP Group Extraction for Multiple Domains
The base DN is usually derived from the Bind DN by removing the user name and specifying the group where users are located. Examples of syntax for base DN are:
Examples for syntax of bind DN are:
domain/user name ou=administrator,dc=ace,dc=com email@example.com (for Active Directory) cn=Administrator,cn=Users,dc=ace,dc=com
For Active Directory, the group name specified as cn=groupname is required. The group name that you define in NetScaler Gateway and the group name on the LDAP server must be identical.
For other LDAP directories, the group name either is not required or, if required, is specified as ou=groupname.
NetScaler Gateway binds to the LDAP server using the administrator credentials and then searches for the user. After locating the user, NetScaler Gateway unbinds the administrator credentials and rebinds with the user credentials.
When you click Retrieve Attributes, the fields under Other Settings populate automatically. If you don't want to do this, continue with Steps 12 and 13. Otherwise, skip to Step 14.