Create LDAP authentication realms

If you are using LDAP, you can import users and map them to the security system. If you create an LDAP type of authentication realm, you need to provide information about your LDAP installation, as described in the following table.

For additional configuration requirements, see Configure LDAP authentication.

LDAP authentication realm properties

Field Description
Context Factory

Enter the context factory class to use to connect. This may vary depending upon your Java implementation. The default for Sun Java implementations:

com.sun.jndi.ldap.LdapCtxFactory.

LDAP URL URL to the LDAP server beginning with ldap:// or ldaps://. Separate additional servers with spaces.
Use DN Pattern Enter the user directory entry pattern; the name will be substituted in place of 0 in the pattern, such as cn={0},ou=employees,dc=yourcompany,dc=com.
User Search Base Enter the user base directory to search for users, such as ou=employees,dc=mydomain,dc=com.
User Search Filter Enter the LDAP filter expression to use when searching for a user's directory entry. The username will be substituted in place of {0} in the pattern, such as uid={0}. If this is an attribute and not part of the user DN pattern, wrap the value in parentheses, such as ud=(0).
Search User Subtree Search the subtree for users.
Search Connection DN

Enter the complete directory name to use when binding to LDAP for searches, such as cn=admin,dc=mydomain,dc=com.

If not specified, an anonymous connection will be made. Required if the LDAP server cannot be anonymously accessed.

Search Connection Password Enter the password to use when binding to LDAP for searches.
Name Attribute Enter the attribute name that contains the user's name, as set in LDAP.
Email Attribute Enter the attribute name that contains the user's email address, as set in LDAP.

Back to top