Creating an LDAP authentication profile
The following example creates an LDAP authentication profile configured with minimum settings. It is based on the following requirements:
- Authentication that is granted against the Example corporate LDAP server, which can be reached through the fully qualified domain name (FQDN) of ldap.example.com
- Authentication that is configured with TLS and supports StartTLS
To configure the LDAP server URL, use the ldap:// scheme for StartTLS (or the ldaps:// scheme for LDAP+SSL) in the following command:
vyatta@vyatta# set resources service-users ldap example.com url ldap://ldap.example.com
If a custom port is required, the port can be specified in the URL by appending the port number to the FQDN; for example: ldap://ldap.example.com:1234.
If no port is specified in the URL, the following default ports, which follow a generally accepted standard, are used for each URL scheme.
URL scheme | Port Number |
---|---|
ldap:// | 389 |
ldaps:// | 636 |
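
A pre-flight check for the URL before it is committed, as an added example that is not part of the original page or the product: it validates the profile URL, applies the default ports listed above, and builds an `openssl s_client` command that confirms the server completes StartTLS (or implicit TLS) with a certificate matching its name. The function and class names are hypothetical, and it assumes the host is a DNS name and that OpenSSL 1.1.1 or later is available on the administrator's workstation.

```python
from dataclasses import dataclass
from urllib.parse import urlsplit

# Default ports per URL scheme, as listed in the table above.
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}


@dataclass(frozen=True)
class LdapEndpoint:  # hypothetical helper type, not a product API
    host: str
    port: int
    tls_mode: str  # "starttls" for ldap://, "implicit" for ldaps://

    def check_command(self):
        """Return the openssl argv that handshakes and verifies the server certificate."""
        argv = ["openssl", "s_client", "-connect", f"{self.host}:{self.port}",
                "-verify_return_error", "-verify_hostname", self.host]
        if self.tls_mode == "starttls":
            # Upgrade the cleartext LDAP session before the TLS handshake.
            argv += ["-starttls", "ldap"]
        return argv


def parse_profile_url(url):
    """Validate an LDAP profile URL and resolve host, port and TLS mode."""
    parts = urlsplit(url)
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"unsupported scheme: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    if parts.username or parts.password:
        raise ValueError("credentials do not belong in the server URL")
    if parts.path not in ("", "/") or parts.query or parts.fragment:
        raise ValueError("only scheme, host and an optional port are expected")
    try:
        port = parts.port  # raises ValueError if non-numeric or out of range
    except ValueError as exc:
        raise ValueError(f"invalid port in {url!r}") from exc
    if port is None:
        port = DEFAULT_PORTS[parts.scheme]
    elif port == 0:
        raise ValueError("port 0 is not usable")
    mode = "starttls" if parts.scheme == "ldap" else "implicit"
    return LdapEndpoint(parts.hostname, port, mode)


if __name__ == "__main__":
    # The URL from the command above; prints the check to run by hand.
    print(" ".join(parse_profile_url("ldap://ldap.example.com").check_command()))
```

If the printed command fails with a verification error or the server refuses the StartTLS request, the profile would be configured against an endpoint that cannot provide the TLS protection this setup requires.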