• Primary Domain – The user domain used by your LDAP implementation. For AD, this will be the
Active Directory domain name, e.g. yourADdomain.com. Changes to this field can optionally
update the tree information in the rest of the page automatically. This is set to mydomain.com by
default for all schemas except Novell eDirectory, for which it is set to o=mydomain.
• User tree for login to server – The tree in the directory that contains the user specified in the
settings tab. For example, in Active Directory the ‘administrator’ account’s default tree is the same
as the user tree.
• Trees containing users – The trees where users commonly reside in the LDAP directory. One
default value is provided which can be edited, and up to a total of 64 DN values may be provided. The
SonicWALL will search the directory using them all until a match is found, or the list is exhausted. If
you have created other user containers within your LDAP or AD directory, you should specify them
here.
• Trees containing user groups – Same as above, only with regard to user group containers, and a
maximum of 32 DN values may be provided. These are only applicable when there is no user group
membership attribute in the schema's user object, and are not used with AD.
All the above trees are normally given in URL format but can alternatively be specified as
distinguished names (e.g. “myDom.com/Sales/Users” could alternatively be given as the
DN "ou=Users,ou=Sales,dc=myDom,dc=com"). The latter form will be necessary if the DN does not
conform to the normal formatting rules as per that example. In Active Directory, the URL
corresponding to the distinguished name for a tree is displayed on the Object tab in the properties of
the container at the top of the tree.
NOTE: AD has some built-in containers that do not conform (e.g. the DN for the top level Users container
is formatted as “cn=Users,dc=…”, using ‘cn’ rather than ‘ou’), but the SonicWALL knows about and deals
with these, so they can be entered in the simpler URL format.
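The URL-to-DN mapping described above, as an added example that is not SonicWALL code and does not claim to reproduce the appliance's own conversion. The function names and the AD_BUILTIN_CN set are assumptions of this example; it also escapes DN special characters per RFC 4514, which is the case where the text says the DN form has to be entered by hand.

```python
# Assumed, illustrative set of top-level AD containers named with 'cn'.
AD_BUILTIN_CN = {"users", "computers", "builtin"}
# Characters RFC 4514 requires to be backslash-escaped in an RDN value.
DN_SPECIAL = '\\,+"<>;'


def escape_dn_value(value):
    """Escape one RDN value so it cannot change the structure of the DN."""
    out, last = [], len(value) - 1
    for i, ch in enumerate(value):
        edge_space = ch == " " and i in (0, last)
        if ch in DN_SPECIAL or edge_space or (ch == "#" and i == 0):
            out.append("\\")
        out.append(ch)
    return "".join(out)


def url_to_dn(path, builtin_cn=AD_BUILTIN_CN):
    """'myDom.com/Sales/Users' -> 'ou=Users,ou=Sales,dc=myDom,dc=com'."""
    parts = path.strip().strip("/").split("/")
    labels, containers = parts[0].split("."), parts[1:]
    if not all(labels) or not all(containers):
        raise ValueError("empty component in tree path: %r" % path)
    rdns = []
    for depth, name in enumerate(containers):
        # Only a container directly under the domain can be a built-in one.
        attr = "cn" if depth == 0 and name.lower() in builtin_cn else "ou"
        rdns.append(attr + "=" + escape_dn_value(name))
    rdns.reverse()  # a DN names the deepest container first
    rdns.extend("dc=" + escape_dn_value(label) for label in labels)
    return ",".join(rdns)


def build_tree_list(paths, limit=64):
    """Convert trees in search order, dropping duplicates (64 user, 32 group)."""
    dns, seen = [], set()
    for path in paths:
        dn = url_to_dn(path)
        if dn.lower() not in seen:
            seen.add(dn.lower())
            dns.append(dn)
    if len(dns) > limit:
        raise ValueError("%d trees exceeds the limit of %d" % (len(dns), limit))
    return dns


if __name__ == "__main__":
    # Constructed sample input, most commonly used tree first.
    for dn in build_tree_list(["myDom.com/Sales/Users", "myDom.com/Users"]):
        print(dn)
```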
Ordering is not critical, but since they are searched in the given order, it is most efficient to place the most
commonly used trees first in each list. If referrals between multiple LDAP servers are to be used, then the