User Management
603
SonicOS Enhanced 4.0 Administrator Guide
Figure 52:4 LDAP User Group Authentication Flow Diagram
In addition to RADIUS and the local user database, SonicOS Enhanced supports LDAP,
Microsoft Active Directory (AD), and Novell eDirectory directory services for user
authentication.
Microsoft Active Directory works with SonicWALL Single Sign-On and the SonicWALL SSO
Agent. For more information, see “Single Sign-On Overview” on page 605.
LDAP Directory Services Supported in SonicOS Enhanced
In order to integrate with the most common directory services used in company networks,
SonicOS Enhanced supports integration with the following LDAP schemas:
• Microsoft Active Directory
• RFC2798 InetOrgPerson
• RFC2307 Network Information Service
• Samba SMB
• Novell eDirectory
• User-defined schemas
SonicOS Enhanced provides support for directory servers running the following protocols:
• LDAPv2 (RFC3494)
• LDAPv3 (RFC2251-2256, RFC3377)
• LDAPv3 over TLS (RFC2830)
• LDAPv3 with STARTTLS (RFC2830)
• LDAP Referrals (RFC2251)
,QWHUQHW
02/
5SER
7ORKSTATION
,$!03ERVER
5SERATTEMPTSTOACCESSTHEWEB
3.7,REQUIRESAUTHENTICATIONOFTHE5SER
REDIRECTSWORKSTATIONTOAUTHENTICATE
5SERAUTHENTICATESWITHCREDENTIALS
3ONIC7!,,REQUESTSINFORMATIONFROM,$!0
3ERVERABOUT5SER
,$!03ERVERRESPONDSWITH5SER'ROUP
-EMBERSHIPINFORMATION
,$!0'ROUP-EMBERSHIPISCOMPAREDAGAINST
3ONIC7!,,'ROUP-EMBERSHIPFORACCESSINGPRIVILEGES
3.7,AUTHORIZESORDENIESACCESSBASEDON5SERPRIVILEGES