To enable LDAP/AD authentication
1.Select Administration in the main menu of the Control Center.
2.Select Authentication in the control menu.
3.In the opened window, select LDAP/AD authentication section.
4.Set the Use LDAP/AD authentication flag.
5.Click Save.
6.Restart Dr.Web Server to apply changes.
You can configure authentication using LDAP protocol at any LDAP server. Also you can use this mechanism to configure Dr.Web Server under Unix-like OS for authentication in Active Directory on a domain controller.
|
If an LDAP server other than MS Active Directory is used, it is recommended to configure the rules for translating user names to DN in the auth-ldap-rfc4515.conf configuration file in accordance with RFC4515 using the <user-dn-extension-enabled/>, <user-dn/>, <user-dn-expr/> parameters. If the authorized user does not have search rights on the LDAP server, then in the <bind dn/> parameter you can configure the DN and password of the LDAP server user with read rights, on whose behalf the search for the authorized user data will be performed on the LDAP server. The description of these parameters is given in the Appendices document, B3. LDAP/AD Authentication section. |
For the convenience of a user, the section provides the ability to switch between simplified or extended versions of authentication settings via LDAP/AD.
|
Settings of LDAP/AD authentication are stored in the auth-ldap-rfc4515.conf configuration file. Configuration files with typical settings are also provided: auth-ldap-rfc4515-check-group.conf, auth-ldap-rfc4515-check-group-novar.conf, auth-ldap-rfc4515-simple-login.conf. General xml attributes are described in the Appendices document, in the B3. LDAP/AD Authentication section. |