© 2021 AMETEK Power Quality Solutions | Technical Support 800-645-9721 | surgex.com
19
User Manual
LDAP Client Settings Setup
Item
Description
Host
The hostname or IP address of the LDAP server
Port
The port number of the Directory System Agent running on the LDAP server. The default port
number for unsecured LDAP is 389. The default port number for LDAPS or LDAP over SSL is 636.
Use SSL
A switch that will enable or disable SSL when attempting to connect to the LDAP server. This is a
separate option than the port number, in the case that a site is using a nonstandard port for
authentication, but still wants the ability to specify encryption. We always suggest using encryption
when using LDAP.
Base DN
The base point in the directory tree where the user distinguished name search will begin.
User DN
The distinguished name of a user that will be used to authenticate. Multiple users are supported by
using macros. For example in the above image, the username testUser attempts to log in, and the
User DN pulls the name “Test User” from the user’s definition for use in the authentication to
replace the string %FullName%.
TLS Require Cert
This specifies how to handle server certificates during TLS negotiations.
Never
: the client never
asks the server for a certificate.
Allow
: the client will ask for a certificate; if none is provided the
session proceeds normally. If a certificate is provided but the client is unable to verify it, the
certificate is ignored and the session proceeds normally, as if no certificate had been provided.
Try
: the certificate is requested, and if none is provided, the session proceeds normally. If a
certificate is provided and it cannot be verified, the session is immediately terminated.
Demand
:
the certificate is requested and a valid certificate must be provided, otherwise the session is
immediately terminated.
Certificate File
This is the certificate that will be sent to the LDAP Server when/if requested.
User Name
The information for a user that is defined in the Users page. The first part (name), is accessible by
the %FullName% macro, and the second part (username) is accessible with the %UserName%
macro.
Password
The password for the given user to test the LDAP server configuration.
Test User
A button to send an authentication request using the given settings for the user and password
above. NOTE: Settings should be saved using the “Save Settings” button at the bottom of the page
before testing a configuration change.
