User Management
1094
SonicOS 5.8.1 Administrator Guide
Step 25 Select the Directory tab.
Step 26 In the Primary Domain field, specify the user domain used by your LDAP implementation. For
AD, this will be the Active Directory domain name, such as yourADdomain.com. Changes to
this field will, optionally, automatically update the tree information in the rest of the page. This
is set to mydomain.com by default for all schemas except Novell eDirectory, for which it is set
to o=mydomain.
Step 27 In the User tree for login to server field, specify the tree in which the user specified in the
‘Settings’ tab resides. For example, in AD the ‘administrator’ account’s default tree is the same
as the user tree.
Step 28 In the Trees containing users field, specify the trees where users commonly reside in the
LDAP directory. One default value is provided that can be edited, a maximum of 64 DN values
may be provided, and the SonicWALL security appliance searches the directory until a match
is found, or the list is exhausted. If you have created other user containers within your LDAP or
AD directory, you should specify them here.
Step 29 In the Trees containing user groups specify the trees where user groups commonly reside in
the LDAP directory. A maximum of 32 DN values may be provided. These are only applicable
when there is no user group membership attribute in the schema's user object, and are not used
with AD.
The above-mentioned trees are normally given in URL format but can alternatively be specified
as distinguished names (for example, “myDom.com/Sales/Users” could alternatively be given
as the DN “ou=Users,ou=Sales,dc=myDom,dc=com”). The latter form will be necessary if the
DN does not conform to the normal formatting rules as per that example. In Active Directory the
URL corresponding to the distinguished name for a tree is displayed on the Object tab in the
properties of the container at the top of the tree.