A
PPENDIX
A: A
UTHENTICATION
O
PERATIONS
T
IER
1: S
INGLE
S
IGN
-O
N
A
UTHENTICATION
M86 S
ECURITY
U
SER
G
UIDE
189
LDAP server setup rules
WARNING
: The instructions in this user guide have been docu-
mented based on standard default settings in LDAP for Microsoft
Active Directory Services. The use of other server types, or any
changes made to these default settings, must be considered
when configuring the Web Filter for authentication.
If LDAP will be used, the following items should be consid-
ered:
• The administrator in charge of the LDAP server should
create a user for the Web Filter in order to give that user
full read access to the groups and users in the directory.
• Since the LDAP directory is structured as a tree, data
needs to be retrieved the same way. Additionally, the
order of the syntax is reversed compared to how it
appears in normal file system folders. The deepest layer
is listed first, in a similar manner as a DNS domain name:
e.g. “engineering.company.net”. In LDAP, a directory
entry would look like this: “cn=engineering,dc=company,
dc=net”.
•
Make sure all network configuration settings are correct
(such as DNS, IP, etc.) before configuring LDAP settings.
NOTE
: All filtering profiles are stored on the Web Filter.