Configuring LDAP - Basic method

Edit online

You can configure LDAP in the GUI with the Basic method by completing a few fields.

Before you begin

You can configure LDAP in two ways:
  • On the Basic tab, you complete fields that Copy Services Manager uses to set up the configuration. This topic covers the Basic method.
  • On the Advanced tab, you can directly edit the raw data in the LDAP registry file for a more customized approach. Or, if you already have a custom LDAP configuration, you must use the Advanced tab to make changes. For the Advanced method, go to Configuring LDAP - Advanced method.
Note: Copy Services Manager only tests or saves the configuration on the current tab that you are viewing, whether Basic or Advanced. Changes that you make in one tab are not synchronized with the other tab.

About this task

Follow these steps if you select the Basic tab for configuring LDAP:

Procedure

  1. Select the authentication method, either Active Directory or LDAP. The Active Directory method is already selected by default.
  2. When you configure LDAP for the first time, no server is defined. Click Add Authentication Server.
  3. Type the appropriate Authentication Server host name, and Port, and then click Add. The server name is displayed in the Server list.
    Note: You can specify one or more authentication servers. The ports must be an integer 1 - 65535.
  4. Type the user ID in the Bind Distinguished Name (DN) or User ID field.
  5. Type the associated password for the user ID in the Bind Password field.
  6. Type a string value for the filter to search on in the Search base for users and groups field.
  7. Optional: Select the Enable SSL check box to upload an SSL key file to the LDAP server that you are connecting to. Then, click Load Certificate and select the file name.
    Notes:
    • When you modify an existing LDAP server configuration, the Enable SSL check box is already selected. You can use the existing certificate file that is displayed, or click Load Certificate again if you need to load a new one. You can also choose to remove the check from Enable SSL.
    • When modifying existing LDAP server certificates, after loading and saving the configuration, you need to restart the CSMAuth server so that it picks up the new certificates in the connection. For more information, see Starting the Copy Services Manager authentication server .
    • You can load a certificate file that contains multiple certificates in a single file, if needed. For more information, see Creating a file with multiple certificates for LDAP configuration.
  8. Click Test to test the connection. If the system cannot connect, an error message appears.
    Note: If you get a message that no users or groups were found, you can modify your inputs and click Test again. Alternately, you can save the configuration without making more changes.
  9. Click Save to complete the LDAP configuration, or click Cancel to exit.

Results

When all the fields are correctly completed, and the test connection is successful, one or more servers are configured for LDAP authentication.