Your browser does not allow storing cookies. We recommend enabling them.

PreviousNextUp[Front page] [Index]

Editing the LDAP Authentication Service

The LDAP Authentication Service is used for LDAP-based authentication in web enrollment and SCEP enrollment. During enrollment, the service can authenticate users based on their LDAP credentials (username and password).

Figure : Editing the LDAP Authentication Service configuration

Basic Settings

Service description is a free-form description of the Service and its function.

Service status can be either Active or Disabled. If the service is Disabled, it does not perform its function. This option can be used to take the service temporarily out of use.

LDAP Settings

The LDAP Server Address and Port number specify the address of the directory server where the user credentials are stored.

LDAP Version is the LDAP protocol version used by the LDAP server.

If the LDAP query is done via a firewall with a Socks server, this server address can be given in the Socks URL field (socks://..).

Name Formats

The Name Formats setting is used to define mappings between the username (subject name) given by the enrolling user and the actual record in the LDAP server and in the entity stored in SSH Tectia Certifier. The LDAP username format field defines the mapping to the username on the LDAP server and the Entity name format field to the subject name of the entity. The format for these strings is the same as the format for Object Name Format in certificate publishing methods. See Section LDAP Publishing Method.

To use LDAP authentication with web enrollment and/or SCEP, the Entity Mapping in the Web Enrollment Service or SCEP Service settings should be set to the correct LDAP Authentication Service.

Commiting Changes

Click the Continue button to accept changes made to the Service settings, or click Cancel to discard them. After clicking Continue, remember to Commit Changes on the Edit Server Entity page.

PreviousNextUp[Front page] [Index]


Highlights from the SSH.COM blog:

  • Cryptomining with the SSH protocol: what big enterprises need to know about it

    Cryptomining malware is primarily thought of as targeting desktops and laptops and is used to hijack system resources to mine cryptocurrency.
    Read more
  • SLAM the door shut on traditional privileged access management

    Did you know that something as trivial-sounding as granting access for your developers or third parties to a product development environment can throw a gorilla-sized monkey wrench into your operations and productivity?
    Read more
  • We broke the IT security perimeter

    Everyone understands the concept of a security perimeter. You only gain access if you are identified and authorized to do so.
    Read more