LDAP Authentication Method

Administration > IWSVA Configuration > User Identification | User Identification

If your LDAP is Microsoft Active Directory or OpenLDAP, specify the following settings to match the authentication method used by your Kerberos KDC (key distribution center):

• Simple—Simple authentication consists of sending the user's FQDN (fully qualified domain name) and password to the KDC using clear text—it is not secure and Trend Micro does not recommend it for anything other than connection testing.

• Advanced—Advanced authentication consists of sending the user's FQDN and password in encrypted form.

• Note: Sun Java System Directory Server uses Digest-MD5, not Kerberos.

• Default Realm—Enter the default realm of the LDAP server in the following format: hostname.subdomain.domain.com

• Default Domain—Enter the default domain of the LDAP server in the following format: domain.com

• KDC and admin Server—Enter the FQDN or DNS host name of the KDC server in the following format: hostname.subdomain.domain.com

• KDC port number—The default Kerberos KDC port is 88.

Contact your LDAP administrator for this information, or check the server's configuration files.  Typical file locations:

• /etc/krb5/krb5.conf                [Solaris]

• /etc/krb5.conf                     [Linux]

See also

• LDAP Settings

• Referral Servers

• Notes on LDAP in Transparent Mode

• About Transparent Identification

• Transparent Identification Settings