ZyXEL Communications 100 Series User Manual

Chapter 39 AAA Server
ZyWALL USG 100/200 Series User’s Guide
Bind DN
A bind DN is used to authenticate with an LDAP/AD server. For example, a bind DN of cn=zywallAdmin allows the ZyWALL to log into the LDAP/AD server using the user name of zywallAdmin. The bind DN is used in conjunction with a bind password. When a bind DN is not specified, the ZyWALL will try to log in as an anonymous user. If the bind password is incorrect, the login will fail.
39.2.1  Configuring Active Directory or LDAP Default Server Settings
To configure the Active Directory or LDAP default server settings, click Object > AAA Server > Active Directory (or LDAP) to display the screen as shown.
Figure 464   Object > AAA Server > Active Directory (or LDAP) > Default 
The following table describes the labels in this screen. 
Table 211   Object > AAA Server > Active Directory (or LDAP) > Default
LABEL: DESCRIPTION
Host: Enter the IP address (in dotted decimal notation) or the fully-qualified domain name (up to 63 alphanumerical characters) of an AD or LDAP server.
Port: Specify the port number on the AD or LDAP server to which the ZyWALL sends authentication requests. Enter a number between 1 and 65535. The default is 389.
Bind DN: Specify the bind DN for logging into the LDAP server. Enter up to 63 alphanumerical characters. For example, cn=zywallAdmin specifies zywallAdmin as the user name.
Password: If required, enter the password (up to 15 alphanumerical characters) for the ZyWALL to bind (or log in) to the AD or LDAP server.
Base DN: Specify the directory (up to 63 alphanumerical characters). For example, o=ZyXEL, c=US
CN Identifier: Specify the common name that uniquely identifies a record in the AD or LDAP directory. Enter up to 63 alphanumerical characters.
Search time limit: Specify the timeout period (between 1 and 300 seconds) before the ZyWALL disconnects from the AD or LDAP server. In this case, user authentication fails. The search timeout occurs when either the user information is not in the LDAP server or the server is down.
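
The field limits in the table and the anonymous-login fallback described under Bind DN can be checked before a server entry is typed into the screen. The following Python code is an added example, not part of the ZyXEL manual or firmware; the dictionary keys, the function names and the sample host, password and CN identifier values are assumptions made for illustration.

```python
# Field limits taken from the table above (maximum lengths and numeric ranges).
MAX_LEN = {"host": 63, "bind_dn": 63, "password": 15, "base_dn": 63, "cn_identifier": 63}
RANGES = {"port": (1, 65535), "search_time_limit": (1, 300)}


def split_dn(dn):
    """Split a simple DN such as 'o=ZyXEL, c=US' into (attribute, value) pairs.
    Escaped commas and multi-valued RDNs are not handled."""
    pairs = []
    for rdn in dn.split(","):
        attr, sep, value = rdn.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {rdn.strip()!r}")
        pairs.append((attr.strip().lower(), value.strip()))
    return pairs


def review(settings):
    """Return a list of (severity, message) findings for one server entry."""
    findings = []
    for field, limit in MAX_LEN.items():
        if len(settings.get(field, "")) > limit:
            findings.append(("error", f"{field} exceeds {limit} characters"))
    for field, (low, high) in RANGES.items():
        value = settings.get(field)
        if not isinstance(value, int) or not low <= value <= high:
            findings.append(("error", f"{field} must be between {low} and {high}"))
    for field in ("bind_dn", "base_dn"):
        if settings.get(field):
            try:
                split_dn(settings[field])
            except ValueError as exc:
                findings.append(("error", f"{field}: {exc}"))
    if not settings.get("bind_dn"):
        findings.append(("warning", "no bind DN: the ZyWALL will attempt an anonymous login"))
    elif not settings.get("password"):
        findings.append(("warning", "bind DN set without a bind password"))
    return findings


# Constructed sample entry; bind DN and base DN are the examples from the text,
# the host, password and CN identifier are made-up placeholder values.
SAMPLE = {"host": "192.0.2.10", "port": 389, "bind_dn": "cn=zywallAdmin",
          "password": "constructed-pw", "base_dn": "o=ZyXEL, c=US",
          "cn_identifier": "cn", "search_time_limit": 5}

if __name__ == "__main__":
    for severity, message in review(SAMPLE) or [("ok", "no findings")]:
        print(f"{severity}: {message}")
```

A warning for an empty bind DN is worth acting on: an entry that relies on anonymous login only works if the directory permits anonymous searches.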