
Configuring Authentication
The information required to configure an LDAP service for authentication is defined in the following
tables. Table 5-3 defines the fields on the top part of the page:
Table 5-3. LDAP Authentication Configuration Options, Top Part of the Page
Field/Option: Description

Name: Your name for this authentication method. You can use any alphanumeric string as the name.

Server: The Fully Qualified Domain Name (FQDN) or IP address of the server running the LDAP service.

Port: The UDP Port for LDAP (default is 389).

Base DN (Distinguished Name): The base Distinguished Name (DN) to be appended to the username.

Username Field: The name of the field (attribute) in the database that holds the username to be matched. The default is uid.

Group Identity Field: The name of the attribute containing group membership information for the user, if group information is contained in the same LDAP entry as the user information. This information is retrieved after successful authentication of the user, and is used to match the user to an Identity Profile.

Additional Identity Search: The search string to use to retrieve group membership information if it is not contained in the same entry as the user information. Use %s in place of the actual user logon name in this string (for example, cn=%s). The actual user logon name is substituted for the %s variable.

Timeout: Authentication timeout period (in seconds), i.e., how long the 700wl Series system will wait for a response from the LDAP service before it considers the request to have failed.

Use a secure connection (SSL): Select this option to communicate with the LDAP server using SSL. This is recommended if you are going to use one of the following options where the 700wl Series system sends the user password to the LDAP server:
  - User binding
  - Rootdn/rootpw binding
  - "Use the username field as an alias…"
  - Password encryption set to CLEAR
  SSL must be enabled on the LDAP server to use this option.

Use LDAP v2: Select this option if your Directory is based on LDAP v2. The default is LDAP v3.

Bind Method: Select the bind method to be used to bind to the LDAP database:
  - Select Non-User Bind if your LDAP server allows you to connect anonymously or using the root DN and root password, and you want to present a user logon and retrieve the associated user password from the directory service.
  - Select User Bind to bind as the user being authenticated, sending the user logon name and password to the directory service for authentication.
  The fields in the bottom part of the page change based on this selection.
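
The Base DN, Username Field and Additional Identity Search options all place the user's logon name into an LDAP string. The following is an added example, not code from the 700wl Series system or this guide: one way an LDAP client can escape the logon name (RFC 4514 for the DN, RFC 4515 for the search string) before substituting it. The function names, the sample values and the DN layout (username field, logon name, then Base DN) are assumptions.

```python
# Added example with constructed values; not the 700wl Series implementation.

def escape_filter_value(value: str) -> str:
    """Escape a value for use in an LDAP search string (RFC 4515)."""
    out = []
    for ch in value:
        if ch in '\\*()\x00':
            out.append('\\%02x' % ord(ch))   # e.g. '*' becomes '\2a'
        else:
            out.append(ch)
    return ''.join(out)


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in ',+"\\<>;=':
            out.append('\\' + ch)
        elif ch == '\x00':
            out.append('\\00')
        elif ch == '#' and i == 0:            # leading '#' is special
            out.append('\\#')
        elif ch == ' ' and i in (0, last):    # leading/trailing space
            out.append('\\ ')
        else:
            out.append(ch)
    return ''.join(out)


def build_bind_dn(username_field: str, logon: str, base_dn: str) -> str:
    """Assumed layout: <Username Field>=<logon>,<Base DN>."""
    return f"{username_field}={escape_dn_value(logon)},{base_dn}"


def build_identity_search(template: str, logon: str) -> str:
    """Substitute the escaped logon name for %s in the search string."""
    # str.replace does not rescan inserted text, so a logon name that
    # itself contains "%s" cannot trigger a second substitution.
    return template.replace('%s', escape_filter_value(logon))


if __name__ == '__main__':
    base = 'ou=people,dc=example,dc=com'      # constructed Base DN
    print(build_bind_dn('uid', 'doe, jane', base))
    print(build_identity_search('cn=%s', 'smith (ops)'))
```
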
HP ProCurve Secure Access 700wl Series Management and Configuration Guide 5-11