Cisco Cisco Web Security Appliance S170 Guida Utente

Obtain the following information about LDAP in your organization:

LDAP version

Server addresses

LDAP ports

If the Web Security appliance is managed by a Security Management appliance, ensure that 
same-named authentication realms on different Web Security appliances have identical properties 
defined on each appliance. 

Choose Network > Authentication.

Click Add Realm. 

Assign a unique name to the authentication realm using only alphanumeric and space characters.

Select LDAP in the Authentication Protocol and Scheme(s) field.

Enter the LDAP authentication settings:

LDAP Version

Choose the version of LDAP, and choose whether or not to use Secure LDAP. 

The appliance supports LDAP versions 2 and 3. Secure LDAP requires LDAP 
version 3.

Choose whether or not this LDAP server supports Novell eDirectory to use with 
transparent user identification. 

LDAP Server

Enter the LDAP server IP address or hostname and its port number. You can 
specify up to three servers.

The hostname must be a fully-qualified domain name. For example, 

ldap.example.com

. An IP address is required only if the DNS servers 

configured on the appliance cannot resolve the LDAP server hostname.

The default port number for Standard LDAP is 389. The default number for 
Secure LDAP is 636.

If the LDAP server is an Active Directory server, enter the hostname or IP 
address and the port of the domain controller here. Whenever possible, enter the 
name of the Global Catalog Server and use port 3268. However, you might want 
to use a local domain controller when the global catalog server is physically far 
away and you know you only need to authenticate users on the local domain 
controller.

Note: When you configure multiple authentication servers in the realm, the 
appliance attempts to authorize with up to three authentication servers before 
failing to authenticate the transaction within that realm.