
Create an LDAPS Authentication Stage

To complete the creation of this V-Realm, you must define at least one authentication stage within it; in this instance, we will create an LDAPS stage. Follow the steps below to configure the basic settings for an LDAPS authentication stage, which include connection and authentication information.

  • After creating and naming a new V-Realm, select LDAP from the Stage Type drop down list box located under Create New Authentication Stage.
  • Click Submit.
[Image: Select Auth Stage Type]

The Authentication Stage properties page opens. The basic settings that are required for configuring NetConnect to authenticate users against an external LDAP server can be seen below.

[Image: LDAPS Config Page]
  • Specify the following settings and click Submit. Note that only the mandatory fields are covered here; the Configuration Manual explores additional options in further detail.
LDAP settings and their descriptions:

  • Domain: Enter the domain which the Active Directory is joined to.
  • Username Template: The Username Template field is used to prefix or postfix a string to the username. This removes the need for end-users to include this information when logging in. Typically this will be %USERNAME%.
  • Method: Select LDAPS.
  • Host: Enter the DNS name of the LDAP server.
  • Port: Enter 636.
  • Bind DN: The Bind DN is a string that identifies the AD account you wish to use to bind to NetConnect. We recommend creating an account specifically for the purpose of binding to NetConnect. To locate the bind DN string:
      * Log in to your AD server.
      * Open the Active Directory console.
      * Ensure that Advanced Features is enabled under the View menu.
      * Navigate to the user you wish to use to bind to NetConnect, right-click and select Properties.
      * Go to the Attribute Editor tab, scroll down to the Distinguished Name attribute, double-click and copy the value.
  • Bind Password: Enter the password of your selected Bind user.
  • Base DN: Specify the point in the directory hierarchy where a search begins. Enter the base DN (or base object) from which you want to search.
  • Login Attribute: Enter the name of the login attribute that contains the user's login name. For example, for Sun Java System Directory Server it is uid. For Active Directory, it is sAMAccountName.
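
The settings described above can be sanity-checked before they are submitted. The following is an added example, not NetConnect code: it checks the values for consistency and shows the search filter that a typed login name would produce. It assumes the common LDAP pattern in which the expanded Username Template is matched against the Login Attribute beneath the Base DN; the field keys, sample values and function names are hypothetical.

```python
# Added example, not NetConnect code: sanity-check LDAPS stage values.
import ipaddress
import re

# RFC 4515 characters that must be escaped inside a search-filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
# Loose shape check for a DN; allows escaped commas such as CN=Smith\, John.
_RDN = r"[A-Za-z][\w-]*=(?:\\.|[^,\\])+"
_DN_RE = re.compile(r"^{0}(?:,\s*{0})*$".format(_RDN))


def escape_filter_value(value):
    """Escape a login name so it cannot alter the structure of the filter."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_search_filter(template, login_attribute, typed_username):
    """Expand %USERNAME% and build the filter (assumed usage, see lead-in)."""
    expanded = template.replace("%USERNAME%", typed_username)
    return "({}={})".format(login_attribute, escape_filter_value(expanded))


def check_stage(settings):
    """Return a list of problems found in the settings; empty means none."""
    problems = []
    if settings["method"] == "LDAPS" and settings["port"] != 636:
        problems.append("Method is LDAPS but Port is not 636")
    try:
        ipaddress.ip_address(settings["host"])
        problems.append("Host is an IP address; enter the server's DNS name")
    except ValueError:
        pass  # not an IP literal, so it is treated as a DNS name
    for field in ("bind_dn", "base_dn"):
        if not _DN_RE.match(settings[field]):
            problems.append(field + " is not a distinguished name")
    if "%USERNAME%" not in settings["username_template"]:
        problems.append("Username Template does not contain %USERNAME%")
    return problems


# Constructed sample values; example.com is a placeholder domain.
SAMPLE = {
    "method": "LDAPS", "host": "dc01.example.com", "port": 636,
    "bind_dn": "CN=svc-netconnect,OU=Service Accounts,DC=example,DC=com",
    "base_dn": "DC=example,DC=com",
    "username_template": "%USERNAME%", "login_attribute": "sAMAccountName",
}

if __name__ == "__main__":
    print(check_stage(SAMPLE) or "settings look consistent")
    print(build_search_filter("%USERNAME%", "sAMAccountName", "j.smith (temp)*"))
```
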
Updated on December 5, 2018
