LDAP Authentication

LDAP authentication uses a central user database, so administrators do not need to create every user account and users do not have to keep track of additional usernames and passwords.

The LDAP Authentication is built to work specifically for Active Directory. If you're authenticating against Active Directory, try this option first before using the Advanced LDAP authentication.

Configuration Options

The following configuration section is found at the bottom of the Configuration page and controls access to the remote authentication system.

If this section is completed, every user is checked against the remote authentication server each time they log in. If the user exists and their credentials match, they are logged in. If the user does not exist in the File Transfer Appliance and their credentials match the remote authentication server, the account is created automatically. If the credentials do not match the remote authentication server, they are matched against the local database: if they match the local database the user is logged in, otherwise the login is rejected.

The configuration values for the Remote Authentication are as follows:

Setting                      Values                   Example     Description
Remote Authentication Type   LDAP / IMAP              LDAP        Choose the desired authentication mechanism.
Authentication Host          hostname / IP address    10.0.1.20   The IP address or the hostname of the LDAP server.
Port                         number                   389         If the LDAP server does not use the default port, specify the port to use here.
Enable SSL                   enable / disable         disable     If the LDAP or IMAP server uses SSL for its connection, enable SSL here.

Default Ports

The following table lists the default ports for each protocol.

Protocol   Plain (no SSL)   SSL
LDAP       389              636
IMAP       143              993

Some people believe that the default LDAP port in Active Directory is 3268 and try to use that. Port 3268 is used for address book lookups and does not work for authentication; port 389 is what should be used.
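
The settings and port notes above can be checked before they are saved. The following is an added example, not code from the appliance: the function name, argument names and warning texts are hypothetical, and the sample values in the demo are constructed.

```python
# Added example: sanity checks for the Remote Authentication settings.
# All names here are hypothetical; this is not the appliance's own code.

# Default ports from the table above: protocol -> (plain, SSL).
DEFAULT_PORTS = {"LDAP": (389, 636), "IMAP": (143, 993)}
ADDRESS_BOOK_PORT = 3268  # Active Directory address book lookups, not authentication


def check_remote_auth(auth_type, host, port, ssl_enabled):
    """Return a list of warnings for one set of Remote Authentication values."""
    auth_type = auth_type.strip().upper()
    if auth_type not in DEFAULT_PORTS:
        return [f"unknown authentication type {auth_type!r}"]
    warnings = []
    if not host.strip():
        warnings.append("authentication host is empty")
    if not 1 <= port <= 65535:
        return warnings + [f"port {port} is out of range"]

    plain, ssl_port = DEFAULT_PORTS[auth_type]
    if auth_type == "LDAP" and port == ADDRESS_BOOK_PORT:
        warnings.append(f"port 3268 is for address book lookups; use {plain} to authenticate")
    elif ssl_enabled and port == plain:
        warnings.append(f"SSL is enabled but {port} is the plain {auth_type} port; the SSL default is {ssl_port}")
    elif not ssl_enabled and port == ssl_port:
        warnings.append(f"port {port} is the {auth_type} SSL port but SSL is disabled")
    elif port not in (plain, ssl_port):
        warnings.append(f"non-default port {port}; confirm the server listens there")
    if not ssl_enabled:
        warnings.append("SSL is disabled: the connection to the server is not encrypted")
    return warnings


if __name__ == "__main__":
    # Constructed sample settings: (type, host, port, SSL enabled).
    samples = [
        ("LDAP", "10.0.1.20", 389, False),   # the example values from the table
        ("LDAP", "10.0.1.20", 3268, False),  # the common mistake described above
        ("LDAP", "10.0.1.20", 636, True),
        ("IMAP", "10.0.1.20", 143, True),
    ]
    for sample in samples:
        print(sample, "->", check_remote_auth(*sample) or "ok")
```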