Cisco Web Security Appliance S670 User Guide

LDAP AUTHENTICATION SETTINGS
CHAPTER 16: AUTHENTICATION
LDAP Server
Enter the LDAP server IP address or host name and its port number. 
You can specify up to three servers.
The host name must be a fully-qualified domain name. For example, 
ldap.example.com. An IP address is required only if the DNS 
servers configured on the appliance cannot resolve the LDAP server 
host name.
The default port number for Standard LDAP is 389. The default 
port number for Secure LDAP is 636.
If the LDAP server is an Active Directory server, enter the host name 
or IP address and the port of the domain controller here. Whenever 
possible, enter the name of the Global Catalog Server and use port 
3268. However, you might want to use a local domain controller 
when the global catalog server is physically far away and you know 
you only need to authenticate users on the local domain controller.
Note: When you configure multiple authentication servers in the 
realm, the appliance attempts to authorize with up to three 
authentication servers before failing to authenticate the transaction 
within that realm.
LDAP Persistent Connections
(under the Advanced section)
Choose one of the following values:
• Use persistent connections (unlimited). Use existing connections. 
If no connections are available, a new connection is opened.
• Use persistent connections. Use existing connections to service 
the number of requests specified. When the maximum is reached, 
establish a new connection to the LDAP server.
• Do not use persistent connections. Always create a new 
connection to the LDAP server.
Table 16-12 LDAP Authentication Settings (Continued)
Setting
Description
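
A preflight check for the LDAP Server entries described in this table, given as an added example; it is not part of the guide and not Cisco code. The function names and the sample realm are hypothetical and constructed for illustration. It reports entries that break the stated rules: at most three servers, a fully-qualified host name or an IP address, and the default ports 389, 636 and 3268.

```python
import ipaddress
import re

# Default ports named in the table above; other ports are reported, not rejected.
PORT_ROLES = {389: "Standard LDAP", 636: "Secure LDAP", 3268: "Global Catalog"}
MAX_SERVERS = 3  # "You can specify up to three servers."
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def classify_host(host):
    """Return 'ip', 'fqdn' or 'invalid' for one LDAP Server host entry."""
    try:
        ipaddress.ip_address(host)
        return "ip"
    except ValueError:
        pass
    labels = host.rstrip(".").split(".")
    # Fully qualified here means two or more well-formed DNS labels whose
    # last label is not numeric (rejects short names and partial IPs).
    if (len(labels) >= 2 and all(LABEL.fullmatch(l) for l in labels)
            and not labels[-1].isdigit()):
        return "fqdn"
    return "invalid"


def lint_realm(servers):
    """servers: list of (host, port) tuples. Returns a list of findings."""
    findings = []
    if len(servers) > MAX_SERVERS:
        findings.append(f"{len(servers)} servers listed; at most {MAX_SERVERS} allowed")
    for host, port in servers:
        kind = classify_host(host)
        if kind == "invalid":
            findings.append(f"{host}: not a fully-qualified domain name or IP address")
        elif kind == "ip":
            findings.append(f"{host}: IP address; required only if appliance DNS cannot resolve the name")
        if not 1 <= port <= 65535:
            findings.append(f"{host}: port {port} is out of range")
        elif port not in PORT_ROLES:
            findings.append(f"{host}:{port}: not a default LDAP port (389, 636, 3268)")
    return findings


# Constructed sample realm: one server too many, one short name, one odd port.
SAMPLE_REALM = [("ldap.example.com", 389), ("gc01.corp.example.com", 3268),
                ("192.0.2.10", 636), ("ldap2", 6360)]

if __name__ == "__main__":
    for finding in lint_realm(SAMPLE_REALM):
        print(finding)
```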