Selecting any of the predefined schemas will automatically populate the fields used by that schema
with their correct values.
Selecting ‘User Defined’ will allow you to specify your own values – use this only if you have a
specific or proprietary LDAP schema configuration.
• Object class – Select the attribute that represents the individual user account to which the next two
fields apply.
• Login name attribute – Select one of the following to define the attribute that is used for login
authentication:
– sAMAccountName for Microsoft Active Directory
– cn for Novell eDirectory
– uid for others
• Qualified login name attribute – Optionally select an attribute of a user object that sets an
alternative login name for the user in name@domain format. This may be needed with multiple
domains in particular, where the simple login name may not be unique across domains. By default,
this is set to userPrincipalName for Microsoft Active Directory and mail for RFC2798 inetOrgPerson.
Note that userPrincipalName would allow login as, for example, “john.ourdomain.com” where mail
would login as “john@ourdomain.com”.
• User group membership attribute – Select the attribute that contains information about the groups
to which the user object belongs. This is memberOf in Microsoft Active Directory. The other
predefined schemas store group membership information in the group object rather than the user
object, and therefore do not use this field.
• Framed IP address attribute – Select the attribute that can be used to retrieve a static IP address
that is assigned to a user in the directory. Currently it is used only when a user connects via L2TP
to the SonicWALL’s L2TP server, to retrieve from the directory the IP address to assign to that user.
In the future this may also be supported for Global VPN Client. In Active Directory, the static IP
address is configured on the Dial-in tab of a user’s properties.
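The following Python example is an added illustration, not part of the SonicWALL documentation or
firmware. It shows how an LDAP client could combine the object class, login name attribute and
qualified login name attribute into a user search filter, escaping the supplied login per RFC 4515.
The objectClass values and the rule that a name containing "@" is matched against the qualified
attribute are assumptions.

```python
# Added example: map the schema fields described above to an LDAP search filter.
# The objectClass values are assumptions; the page names only the attributes.
SCHEMAS = {
    "Microsoft Active Directory": {
        "object_class": "user",
        "login_attr": "sAMAccountName",
        "qualified_attr": "userPrincipalName",
        "group_attr": "memberOf",
    },
    "RFC2798 inetOrgPerson": {
        "object_class": "inetOrgPerson",
        "login_attr": "uid",
        "qualified_attr": "mail",
        "group_attr": None,  # membership is stored on the group object
    },
}

# RFC 4515: these characters must be written as a backslash plus two hex digits.
_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}


def escape_filter_value(value):
    """Escape a user-supplied value so it cannot alter the filter structure."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(schema_name, login):
    """Return the search filter used to locate the account for `login`."""
    schema = SCHEMAS[schema_name]
    # Assumption: name@domain logins are matched on the qualified attribute.
    if "@" in login and schema["qualified_attr"]:
        attr = schema["qualified_attr"]
    else:
        attr = schema["login_attr"]
    return "(&(objectClass=%s)(%s=%s))" % (
        schema["object_class"], attr, escape_filter_value(login))


if __name__ == "__main__":
    # Constructed sample logins, including one with filter metacharacters.
    for name in ("john", "john@ourdomain.com", "*)(uid=*"):
        for schema_name in SCHEMAS:
            print(schema_name, "->", build_user_filter(schema_name, name))
```

Without the escaping step, the characters `*`, `(`, `)` and `\` in a login name would be interpreted
as filter syntax rather than as part of the name.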
Step 7: On the Directory tab, configure the following fields: