Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page allows you to select the LDAP server that this client system will contact to in order to fetch user and group information. The most important field is the LDAP server hostnames, into which you must enter the hostname or IP address of the LDAP server on your network. If you have more than one replicated server, they can all be entered here.

The Login for non-root users and Password for non-root users fields must be filled in with a username and password accepted by the LDAP server, respectively. The login will typically be an LDAP distinguished name, like cn=Manager,dc=my-domain,dc=com.

Because this login and password is visible to all Unix users on your system, it is typically set to that of a LDAP user with limited privileges (such as read-only access, and no ability to view passwords). Because passwords do need to be checked in some situations, the Login for root user and Password for root user fields should be set to an LDAP username and password who has read access to the entire LDAP server. This second password is stored in a file that is only readable by the root user, and thus is secure from regular, un-trusted Unix users.

Image Added
  1. The IP address of the LDAP Server to configure a link to the client.

  2. Specify a port number for your LDAP traffic, or set to Default.

  3. Specify a protocol for your LDAP traffic, or set to Default.

  4. Specify the desired protocol version, or set to Default.

  5. Configure a connection time limit (in seconds), or set to Default.

  6. Add a login for non-root users, or allow Anonymous user access.

  7. Provide the password for your non-root user, or set to None.

  8. Add a login for the root user, or set to Same as non-root.

  9. Provide the password for your root user, or set to None.

  10. Select if you would like to use an encrypted connection. Default is set to No.

  11. Select if you would like to verify LDAP SSL certificate, or set to Default (usually No).

  12. Browse to and select the CA Certificate File, or set to None.

Image Added