SonicWALL 5.8.1 Microscope & Magnifier User Manual


User Management
SonicOS 5.8.1 Administrator Guide
Select Give bind distinguished name to access the tree with the distinguished name.
Step 7 To log in with a user’s name and password, enter the user’s name in the Login user name field
and the password in the Login password field. The login name will automatically be presented
to the LDAP server in full ‘dn’ notation.
Note: Use the user’s name in the Login user name field, not a username or login ID. For example,
John Doe would log in as John Doe, not jdoe.
Step 8 Select the LDAP version from the Protocol version drop-down menu, either LDAP version 2
or LDAP version 3. Most implementations of LDAP, including AD, employ LDAP version 3.
Step 9 Select the Use TLS (SSL) checkbox to use Transport Layer Security (SSL) to log in to the LDAP
server. It is strongly recommended to use TLS to protect the username and password
information that will be sent across the network. Most implementations of LDAP server,
including AD, support TLS.
Step 10 Select the Send LDAP ‘Start TLS’ request checkbox to allow the LDAP server to operate in
TLS and non-TLS mode on the same TCP port. Some LDAP server implementations support the
Start TLS directive rather than using native LDAP over TLS. This allows the LDAP server to listen
on one port (normally 389) for LDAP connections, and to switch to TLS as directed by the client. AD
does not use this option, and it should only be selected if required by your LDAP server.
Note: Only check the Send LDAP ‘Start TLS’ request box if your LDAP server uses the same port
number for TLS and non-TLS.
Step 11 Select the Require valid certificate from server checkbox to require a valid certificate from
the server. This validates the certificate presented by the server during the TLS exchange, matching the
name specified above to the name on the certificate. Deselecting this default option will present an
alert, but exchanges between the SonicWALL security appliance and the LDAP server will still use
TLS – only without issuance validation.
Step 12 Select a local certificate from the Local certificate for TLS drop-down menu. This is optional,
to be used only if the LDAP server requires a client certificate for connections. This feature is useful
for LDAP server implementations that return passwords to ensure the identity of the LDAP client
(AD does not return passwords). This setting is not required for AD.
Step 13 Click Apply.
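
What the name check in Step 11 amounts to, as an added example (not SonicOS code and not part of the original guide): a generic RFC 6125-style match of the configured server name against the names in a certificate. The certificate and host names are constructed, and SonicOS's exact matching rules are assumed, not documented here.

```python
import ipaddress

# Constructed certificate, in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "dc01.corp.example"),),),
    "subjectAltName": (
        ("DNS", "dc01.corp.example"),
        ("DNS", "*.ldap.corp.example"),
        ("IP Address", "192.0.2.10"),
    ),
}


def _dns_match(pattern, host):
    """Match one dNSName; '*' may only stand for the whole leftmost label."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    if p_labels[0] == "*":
        # Wildcard covers exactly one label and needs a real domain after it.
        return len(p_labels) > 2 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def name_matches_cert(configured_name, cert):
    """True if the configured LDAP server name appears in the certificate."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(configured_name)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal only matches an iPAddress entry, never a DNS name.
        return any(kind == "IP Address" and ipaddress.ip_address(value) == ip
                   for kind, value in sans)
    dns_names = [value for kind, value in sans if kind == "DNS"]
    if not dns_names:
        # Legacy fallback: commonName, used only when no dNSName entries exist.
        dns_names = [v for rdn in cert.get("subject", ())
                     for k, v in rdn if k == "commonName"]
    return any(_dns_match(p, configured_name) for p in dns_names)
```

A server configured by IP address fails this check when the certificate carries only DNS names; the fix is to configure the name the certificate was issued for rather than deselecting validation.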