Configuring an LDAP Server

Procedure

1. Obtain the information required to configure LDAP integration from the server administrator.
2. Go to Administration → Integrated Products/Services → LDAP.
3. Do one of the following:
   • Click Add to add a new entry.
   • Click a name to change the server settings.
4. Select to enable or disable the server.
5. Select a server type.
6. Specify the name of the server.
7. Configure the server settings (server address, access protocol, and port number).

   Note Trend Micro recommends using the following default ports: For Microsoft Active Directory, or OpenLDAP: SSL: 636 STARTTLS: 389 For Microsoft AD Global Catalog: SSL: 3269 STARTTLS: 3268

8. Configure administrative settings for the LDAP server.
   The following table provides the configuration recommendations for each supported LDAP server type.

   LDAP Server Type	User Name (example)	Base Distinguished Name (example)
   Active Directory	user1@domain.com (UPN)	dc=domain, dc=com
   Active Directory Global Catalog	user1@domain.com (UPN)	dc=domain, dc=com dc=domain1,dc=com (if multiple unique domains exist)
   OpenLDAP	cn=manager, dc=test1, dc=com	dc=test1, dc=com

   1. Type the base distinguished name.
   2. Select an email address attribute option to apply policy settings based on the address information.
   3. Type the user name.
   4. Type the password.
   5. (Optional) If your organization uses a CA certificate, select Use CA certificate and click Select to locate the CA certificate file.
9. If the LDAP server uses filter settings other than the default, specify the User filter and Group filter.
10. (Optional) Click Test Connection to verify that a connection to the LDAP server can be established using the specified information.
11. Click Save.