The LDAP parameters dialog specifies an LDAP search operation to locate directory entries and optionally return attributes from those entries. The search must succeed for certificate validation or CRL checking to succeed. Specify all query parameters in a URL by specifying parameters individually on the Query Parameters screen.
Define the following LDAP parameters:

| Parameter | Description |
|---|---|
| Protocol | Protocol used to connect to the LDAP server: ldap:// (nonsecure) or ldaps:// (secure). |
| Host | Host name of the LDAP server. |
| Port | Port number to use to connect to the LDAP server. |
| Base DN | Starting point in the directory to begin the search. |
| Return Attributes | Attribute types to return from the entries that match. |
| Scope | Starting point when performing the search. Specify one of the following options: |
| Match Attributes | Search filter used to determine which directory entries are a match. The search filter (see RFC 2254) can be very complex, but defines one or two attribute names and their expected values. You can specify Sterling External Authentication Server variables to represent this element. |
| Query Timeout | How long in minutes and seconds (format MM:SS) before the LDAP attribute query times out and processing ends. |
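
The parameters in the table correspond to the components of a standard LDAP URL. The following added example (not part of the product or its documentation) splits such a URL into those fields, flags a nonsecure protocol, and escapes a value before it is placed in a search filter. It assumes the RFC 4516 URL layout and its defaults; the host name, DN, and function names are constructed for illustration.

```python
from urllib.parse import urlsplit, unquote

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}
SCOPES = {"base", "one", "sub"}  # scope keywords defined by RFC 4516


def escape_filter_value(value):
    """Escape characters that have special meaning in a search filter
    (RFC 2254 / RFC 4515) so a value cannot alter the filter structure."""
    out = []
    for ch in value:
        if ch in "\\*()\x00":
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def parse_ldap_url(url):
    """Split an LDAP URL into the fields of the parameter table."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS:
        raise ValueError("protocol must be ldap:// or ldaps://")
    if not parts.hostname:
        raise ValueError("host is required")
    # After the base DN the URL carries attributes?scope?filter
    fields = (parts.query.split("?") + ["", "", ""])[:3]
    attrs, scope, flt = (unquote(f) for f in fields)
    scope = scope or "base"  # RFC 4516 default scope
    if scope not in SCOPES:
        raise ValueError("unknown scope: %r" % scope)
    return {
        "protocol": scheme,
        "secure": scheme == "ldaps",  # False means an unencrypted ldap:// query
        "host": parts.hostname,
        "port": parts.port or DEFAULT_PORTS[scheme],
        "base_dn": unquote(parts.path.lstrip("/")),
        "return_attributes": [a for a in attrs.split(",") if a],
        "scope": scope,
        "match_attributes": flt or "(objectClass=*)",  # RFC 4516 default filter
    }
```
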