User Management
1052
SonicOS 5.8.1 Administrator Guide
Step 7 On the Directory tab, configure the following fields:
• Primary Domain – The user domain used by your LDAP implementation. For AD, this will
be the Active Directory domain name, e.g. yourADdomain.com. Changes to this field will,
optionally, automatically update the tree information in the rest of the page. This is set to
mydomain.com by default for all schemas except Novell eDirectory, for which it is set to
o=mydomain.
• User tree for login to server – The tree in which the user specified in the Settings tab
resides. For example, in Active Directory the ‘administrator’ account’s default tree is the
same as the user tree.
• Trees containing users – The trees where users commonly reside in the LDAP directory.
One default value is provided which can be edited, and up to a total of 64 DN values may
be provided. The SonicWALL will search the directory using them all until a match is found,
or the list is exhausted. If you have created other user containers within your LDAP or AD
directory, you should specify them here.
• Trees containing user groups – Same as above, only with regard to user group
containers, and a maximum of 32 DN values may be provided. These are only applicable
when there is no user group membership attribute in the schema's user object, and are not
used with AD.
All the above trees are normally given in URL format but can
alternatively be specified as
distinguished names (e.g. “myDom.com/Sales/Users” could alternatively be given as the
DN “o
u=Users,ou=Sales,dc=myDom,dc=com”). The latter form will be necessary if the DN
does not conform to the normal formatting rules as per that example. In Active Directory the
URL corresponding to the distinguished name for a tree is displayed on the Object tab in
the properties of the container at the top of the tree.