User Management
SonicOS Enhanced 4.0 Administrator Guide
Note: Only check the Send LDAP ‘Start TLS’ request box if your LDAP server uses the same
port number for TLS and non-TLS.
Step 9 Check the Require valid certificate from server box to require a valid certificate from the
server. This validates the certificate presented by the server during the TLS exchange, matching
the name specified above to the name on the certificate. Deselecting this default option will
present an alert, but exchanges between the SonicWALL security appliance and the LDAP server
will still use TLS, only without issuance validation.
Step 10 Select a local certificate from the Local certificate for TLS drop-down menu. This is optional,
to be used only if the LDAP server requires a client certificate for connections. This feature is useful
for LDAP server implementations that return passwords to ensure the identity of the LDAP client
(AD does not return passwords). This setting is not required for AD.
Step 11 Click Apply.
Step 12 Click the Schema tab.
Step 13 From the LDAP Schema pull-down menu, select one of the following LDAP schemas. Selecting
any of the predefined schemas will automatically populate the fields used by that schema with
their correct values. Selecting ‘user-defined’ will allow you to specify your own values – use this
only if you have a specific or proprietary LDAP schema configuration.
– Microsoft Active Directory
– RFC2798 InetOrgPerson
– RFC2307 Network Information Service
– Samba SMB
– Novell eDirectory
– User defined
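
The name check described in Step 9, sketched in Python as an added example (not SonicOS code and not part of this guide): `ldap_tls_context` shows what the two states of the Require valid certificate from server box correspond to in a generic TLS client, and `name_matches` applies RFC 6125-style matching of the configured server name to a certificate. The function names, the sample certificate and the commonName fallback are assumptions.

```python
import ipaddress
import ssl

def ldap_tls_context(require_valid_cert: bool) -> ssl.SSLContext:
    """Generic TLS client context for each state of the check box (assumed mapping)."""
    ctx = ssl.create_default_context()   # chain validation + name check enabled
    if not require_valid_cert:
        # Traffic is still encrypted, but any certificate and any name is accepted.
        ctx.check_hostname = False       # must be cleared before verify_mode
        ctx.verify_mode = ssl.CERT_NONE
    return ctx

def _dns_match(host: str, pattern: str) -> bool:
    if not pattern.startswith("*."):
        return host == pattern
    # A wildcard covers exactly one left-most label.
    head, _, rest = host.partition(".")
    return bool(head) and rest == pattern[2:]

def name_matches(configured: str, cert: dict) -> bool:
    """Match the configured server name against a getpeercert()-style dict."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(configured)
    except ValueError:
        ip = None
    if ip is not None:
        # A server configured by IP address only matches an 'IP Address' entry.
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip
                   for k, v in sans)
    names = [v for k, v in sans if k == "DNS"]
    if not names:
        # Assumption: fall back to subject commonName when no DNS entry exists.
        names = [v for rdn in cert.get("subject", ())
                 for k, v in rdn if k == "commonName"]
    host = configured.lower().rstrip(".")
    return any(_dns_match(host, n.lower()) for n in names)

# Constructed sample certificate in the shape ssl.SSLSocket.getpeercert() returns.
SAMPLE_CERT = {
    "subject": ((("commonName", "dc1.corp.example"),),),
    "subjectAltName": (("DNS", "dc1.corp.example"),
                       ("DNS", "*.ldap.corp.example")),
}
```

With this sample, a server entered by IP address (for example `10.0.0.5`) fails the name check even though the certificate itself is valid, which is a common reason the validation option appears to break a working LDAP connection.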