Enabling Authentication in Your Project

This is shown in Figure 1.

To use authentication with your project so that you can only see search results that you are authorized to see, you must provide the following values on this screen:

• directory.hostname - the host name or IP address of the system on which the Active Directory/LDAP server is running.
• directory.port - the port on which the Active Directory/LDAP server is listening. The default value, 389, is correct unless the server has been relocated to another port for security or other reasons.
• directory.search-base - the distinguished name of the base object for the Active Directory/LDAP server that you are querying. The distinguished name of the main domain may work, such as dc=mydomain,dc=com, though it may not be the most efficient value to provide. If you see an LDAP error such as error 39, you should provide the distinguished name of a more specific object, such as cn=Users,dc=mydomain,dc=com. (See Common LDAP Errors for more detailed information about LDAP errors.)
• directory.binding-username - the username used to bind to the directory service. In most cases this is a Distinguished Name such as the following:

  CN=administrator,CN=Users,DC=training,DC=local

  A user's logon name may sometimes work with Active Directory, but using a distinguished name will always work and will help avoid potential confusion.

• directory.binding-password - the password used by the directory.binding-username to connect to the Active Directory/LDAP server. You will have to enter this value twice to ensure that you have not made any typographical errors, because whatever you type is not actually echoed to the screen.

(at the top right of this screen) to save your changes.