LDAP servers (including Microsoft Active Directory) can be used to authenticate users. There are two ways to configure the LDAP connector for RMS.
If all users are within one node of the LDAP tree, a simple template-based mechanism can be used to look up users.
If the users are stored within a deeper tree structure, the connector needs to perform a search operation to resolve a user.
- On the navigation pane, select .
- In the Authentication section, in the Authentication Type field, select LDAP.
- If the users are all within the same node within the LDAP tree, complete the following substeps.
  - In the Users Are field, select in a single node, and then type the URL for the LDAP server and a template to locate the user in User DN Template. For example, uid={user}, ou=myOU, o=myOrg where {user} is a placeholder for the user name in the template.
  - In the Server URL field, type the URL for the LDAP server.
- If the tree structure needs to be searched to find the user, complete the following substeps.
  - In the Users Are list, select in a tree structure. In the User DN field, type the full distinguished name of a user to use for searching the LDAP repository, and in the Password field, type the password for that user.
  - In the Search Filter field, type the user search filter, for example sAMAccountName={user}, where {user} is a placeholder for the user name and must be part of the filter.
  - Optional. In Search Paths, specify the start points for the searches. The entire directory is searched if no paths are specified.
- Click Save.
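The following added example (not RMS code) shows how the {user} placeholder in the two settings above resolves to a bind DN or a search filter, with the user name escaped per RFC 4514 and RFC 4515 so that special characters in a login name cannot change the DN or filter structure. It assumes plain string substitution; the function names are hypothetical and the connector's actual implementation is not shown on this page.

```python
# Added example: expanding the {user} placeholder for both connector modes.
# Assumption: simple substitution; function names here are hypothetical.

DN_TEMPLATE = "uid={user}, ou=myOU, o=myOrg"   # User DN Template from the page
SEARCH_FILTER = "sAMAccountName={user}"        # Search Filter from the page


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a DN (RFC 4514, section 2.4)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in '"+,;<>\\':
            out.append("\\" + ch)
        elif (i == 0 and ch in " #") or (i == last and ch == " "):
            out.append("\\" + ch)   # leading space or '#', trailing space
        else:
            out.append(ch)
    return "".join(out)


def escape_filter_value(value: str) -> str:
    """Escape an assertion value for a search filter (RFC 4515, section 3)."""
    special = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\x00": "\\00"}
    return "".join(special.get(ch, ch) for ch in value)


def expand(template: str, user: str, escape) -> str:
    """Substitute the escaped user name for the {user} placeholder."""
    if "{user}" not in template:
        raise ValueError("template must contain the {user} placeholder")
    if not user:
        raise ValueError("empty user name")
    return template.replace("{user}", escape(user))


def user_dn(user: str) -> str:
    return expand(DN_TEMPLATE, user, escape_dn_value)


def user_filter(user: str) -> str:
    return expand(SEARCH_FILTER, user, escape_filter_value)


if __name__ == "__main__":
    for name in ("jdoe", "Smith, J", "jo(e)*"):   # constructed sample names
        print(repr(name), "->", user_dn(name), "|", user_filter(name))
```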