Working with customer accounts : Configuring a customer account : Configuring the LDAP server settings
 
Configuring the LDAP server settings
You can optionally configure LDAP server settings to add another layer of security for DS-Client to DS-System connections. These settings apply to all DS-Client accounts belonging to this customer. Each DS-Client must supply credentials that the DS-System will validate on the selected LDAP server.
Once this feature is enabled on DS-System, you must configure the LDAP server where the DS-Clients will authenticate. Each DS-Client is required to configure LDAP user validation by supplying their LDAP server user account credentials. If validation is successful, DS-System will save the LDAP user settings.
On each subsequent DS-Client connection, the DS-System will verify the LDAP user settings with the LDAP server. If the user account exists and is not disabled, then DS-System permits the DS-Client activity.
NOTE:  DS-System supports validation of accounts from an Active Directory (AD) server. DS-System can connect directly to the LDAP server or connect via a proxy server.
To configure the LDAP server settings:
1. In the Customers tab, select the customer you want to configure.
2. On the Customer menu, click Edit, and then click the LDAP tab.
F1 Help: "Edit Customer Profile - LDAP Tab"
3. To activate this option for all DS-Clients belonging to the customer, select the Enable LDAP integration check box.
4. Click the [...] button beside the LDAP server box.
F1 Help: "Select LDAP Server"
5. In the Select LDAP Server dialog box, do one of the following:
To add a new LDAP server, click Add.
To modify an existing LDAP server, select it from the list and click Modify.
F1 Help: "Add / Modify LDAP Server"
6. In the IP address box, type the IP address of the LDAP server.
7. In the Port box, keep the default setting of 389 unless you have a specific requirement to use another port.
8. In the Description box, type additional information to help identify the LDAP server.
9. In the Authentication box, select one of the following options depending on how the LDAP server is configured:
NTLM
Domain Account
Distinguished Name
10. If you selected NTLM (Windows only) or Domain Account do the following:
a) In the User name box, type the user account on the LDAP server. This account must be able to list all of the LDAP server users and their status (specifically if they have been disabled).
b) In the User domain box, type the domain where the user account will be validated.
NOTE:  Normally, each of the customer's DS-Clients will have a separate LDAP server user account created, and those credentials are used to configure LDAP user validation in DS-Client.
11. If you selected Distinguished Name, in the User DN box, type the distinguished name of the user. This is usually in a format similar to: cn=admin,cn=users,DC=domain,DC=company,DC=com
12. In the Password box, type the user password.
13. In the Confirm password box, re-type the user password.
14. If you are using DS-System replication groups and want to automatically push changes in the DS-System's customer account to the other replicated customer accounts on the replication DS-Systems, select the Synchronize between DS-System Groups check box.
NOTE:  For more information on replication groups, see “Replication”.
15. To check if the configuration works, click Verify.
16. To save the LDAP server configuration, click Save.
17. Select the LDAP server you want to use and click Select.
18. Click Apply to save any changes.
All of the customer's DS-Clients must configure LDAP user validation to connect with the DS-System. For more information, see the DS-Client User Guide.