- Obtain the information required to configure LDAP integration from the server administrator.
- Go to Administration > Integrated Products/Services > LDAP.
- Do one of the following:
  - Click Add to add a new entry.
  - Click a name to change the server settings.
- Select a server type.
- Enable the primary server, the secondary server, or both.
- Configure the server settings (server address, access protocol, and port number).
  Note: Trend Micro recommends using the following default ports:
  - For Microsoft Active Directory, Domino, or OpenLDAP:
    - SSL: 636
    - STARTTLS: 389
  - For Microsoft AD Global Catalog:
    - SSL: 3269
    - STARTTLS: 3268
- Configure administrative settings for the LDAP server.
  The following table provides the configuration recommendations for each supported LDAP server type.

  Table 1.

  | LDAP Server Type | User Account (example) | Base Distinguished Name (example) | Authentication Method |
  |---|---|---|---|
  | Active Directory | user1@domain.com (UPN) | dc=domain, dc=com | Simple; Advanced (with Kerberos) |
  | Active Directory Global Catalog | user1@domain.com (UPN) | dc=domain, dc=com; dc=domain1,dc=com (if multiple unique domains exist) | Simple; Advanced (with Kerberos) |
  | OpenLDAP | cn=manager, dc=test1, dc=com | dc=test1, dc=com | Simple |
  | IBM Domino | user1/domain | Not applicable | Simple |

- Type the base distinguished name.
- Select an email address attribute option to apply policy settings based on the address information.
- Type the user name.
- Type the password.
- (Optional) If your organization uses a CA certificate, select Use CA certificate and click Select to locate the CA certificate file.
- In the Authentication Method section, select Simple or Advanced.
  For Active Directory, select Advanced and configure the required settings.
- (Optional) Click Test Connection to verify that a connection to the LDAP server can be established using the specified information.
- Click Save.
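
A shell pre-check for the values entered above, as an added example that is not part of the original page or Trend Micro's code: it performs the simple bind over certificate-verified SSL or STARTTLS with the OpenLDAP `ldapsearch` client, so a bad CA file or a failed TLS upgrade shows up before the settings are saved. The `ad`/`gc`/`domino`/`openldap` keywords, the function names, and the host and file names in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example (not Trend Micro code). Requires the OpenLDAP client tools.

# Default port for a server type and access protocol, per the note in this procedure.
ldap_default_port() {   # $1: ad|domino|openldap|gc   $2: ssl|starttls
  case "$1:$2" in
    ad:ssl|domino:ssl|openldap:ssl)                printf '636\n' ;;
    ad:starttls|domino:starttls|openldap:starttls) printf '389\n' ;;
    gc:ssl)                                        printf '3269\n' ;;
    gc:starttls)                                   printf '3268\n' ;;
    *) echo "unknown server type or protocol: $1 $2" >&2; return 2 ;;
  esac
}

# Client URI: ldaps:// for SSL, ldap:// for STARTTLS (upgraded after connect).
ldap_uri() {            # $1: type  $2: protocol  $3: host  $4: optional port override
  def=$(ldap_default_port "$1" "$2") || return 2
  port=${4:-$def}
  if [ "$2" = ssl ]; then scheme=ldaps; else scheme=ldap; fi
  printf '%s://%s:%s\n' "$scheme" "$3" "$port"
}

# Simple bind over verified TLS, then read only the base entry.
# $1 type  $2 protocol  $3 host  $4 bind user  $5 base DN  $6 CA certificate (PEM)
# For IBM Domino (base DN not applicable) pass "" to read the root DSE.
ldap_precheck() {
  uri=$(ldap_uri "$1" "$2" "$3") || return 2
  if [ ! -r "$6" ]; then
    echo "CA certificate not readable: $6" >&2
    return 3
  fi
  zz=''
  # -ZZ aborts unless the StartTLS upgrade succeeds, so the simple-bind
  # password is never sent over an unencrypted port 389/3268 session.
  if [ "$2" = starttls ]; then zz='-ZZ'; fi
  # REQCERT=demand rejects a server certificate that does not chain to the CA file.
  # -W prompts for the password instead of taking it on the command line.
  LDAPTLS_CACERT=$6 LDAPTLS_REQCERT=demand \
    ldapsearch -x $zz -H "$uri" -D "$4" -W -b "$5" -s base -LLL 1.1
}

# Usage (constructed values):
#   sh ldap_precheck.sh ad starttls ldap.example.com user1@domain.com "dc=domain,dc=com" ca.pem
if [ "$#" -ge 6 ]; then
  ldap_precheck "$@"
fi
```
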