Configuring LDAP settings

Administration > Tools

LDAP settings define how Network VirusWall Enforcer authenticates endpoint users for policy enforcement.

To configure LDAP server settings:

1. Click Administration. The drop-down menu displays

2. Click LDAP Settings from the drop-down menu. The LDAP Server screen displays.

3. Select Use Microsoft Active Directory or Use OpenLDAP.

• Note: Network VirusWall Enforcer supports single sign-on (SSO) to the Internet, if you select Use Microsoft Active Directory.

4. Select the Authentication method. Network VirusWall Enforcer supports Simple, Kerberos, and Digest MD5.

• Note: Kerberos authentication is not supported in IPv6 networks. When using Kerberos authentication, both the LDAP and the KDC server addresses must be IPv4 addresses.

4. Type the following:

   1. LDAP server location—type an FQDN, such as www.trendmicro.com, or an IP address

   2. LDAP server port—for example, 389

   3. Base distinguished name—type the DN setting, for example, dc=trend, dc=com

   4. KDC server location—type an FQDN, such as www.trendmicro.com, or an IP address

   5. Default realm—for example, TREND.COM

   6. Default domain—for example, trend.com

   7. KDC principal name—KDC principal name. This setting is only used for Microsoft Active Directory 2008.

   8. KDC server port as they apply—for example, 88

5. Depending on your security policies, select Enable single sign-on (SSO) to the Internet. This option is available only if you have selected Use Microsoft Active Directory.

6. Click Save.

See also:

About Agent Deployment

About Single Sign-On

LDAP Settings