User's Manual
Using the CMC Directory Service 285
Table 8-10. Common Settings
Setting Description
Generic LDAP Enabled Enables the generic LDAP service on CMC.
Use Distinguished Name
to Search Group
Membership
Specifies the distinguished name (DN) of LDAP groups
whose members are allowed access to the device.
Enable SSL Certificate
Valid ation
If checked, CMC uses the CA certificate to validate the
LDAP server certificate during SSL handshake.
Bind DN Specifies the distinguished name of a user used to bind
to the server when searching for the login user's DN. If
not provided an anonymous bind is used.
Password A bind password to use in conjunction with the bind
DN.
NOTE: The bind password is sensitive data, and must be
properly protected.
Base DN to Search The DN of the branch of the directory where all searches
must start from.
Attribute of User Login Specifies the attribute to search for. If not configured,
the default is to use uid. It is recommended to be unique
within the chosen base DN, otherwise a search filter
must be configured to ensure the uniqueness of the
login user.If the user DN cannot be uniquely identified
by searching the combination of attribute and search
filter, login fails with an error.
Attribute of Group
Membership
Specifies the LDAP attribute that is used to check for
group membership. This must be an attribute of the
group class. If not specified, the member and unique
member attributes are used.
Search Filter Specifies a valid LDAP search filter. This is used if the
user attribute cannot uniquely identify the login user
within the chosen base DN. If not provided, defaults to
(objectClass=*), which searches for all objects in the
tree. The maximum length of this property is 1024
characters.