Cisco Cisco Web Security Appliance S170 사용자 가이드
21-31
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
Chapter 21 Authentication
LDAP Authentication
LDAP Authentication Settings
describes the authentication settings you define when you choose LDAP authentication.
Table 21-12
LDAP Authentication Settings
Setting
Description
LDAP Version
Choose the version of LDAP, and choose whether or not to use Secure LDAP.
The appliance supports LDAP version 2, and LDAP version 3 software. Secure
LDAP requires LDAP version 3.
LDAP requires LDAP version 3.
Choose whether or not this LDAP server support Novell eDirectory to use with
transparent user identification. For more information, see
transparent user identification. For more information, see
.
LDAP Server
Enter the LDAP server IP address or hostname and its port number. You can
specify up to three servers.
specify up to three servers.
The hostname must be a fully-qualified domain name. For example,
ldap.example.com
. An IP address is required only if the DNS servers
configured on the appliance cannot resolve the LDAP server hostname.
The default port number for Standard LDAP is 389. The default number for
Secure LDAP is 636.
Secure LDAP is 636.
If the LDAP server is an Active Directory server, enter the hostname or IP
address and the port of the domain controller here. Whenever possible, enter the
name of the Global Catalog Server and use port 3268. However, you might want
to use a local domain controller when the global catalog server is physically far
away and you know you only need to authenticate users on the local domain
controller.
address and the port of the domain controller here. Whenever possible, enter the
name of the Global Catalog Server and use port 3268. However, you might want
to use a local domain controller when the global catalog server is physically far
away and you know you only need to authenticate users on the local domain
controller.
Note: When you configure multiple authentication servers in the realm, the
appliance attempts to authorize with up to three authentication servers before
failing to authenticate the transaction within that realm.
appliance attempts to authorize with up to three authentication servers before
failing to authenticate the transaction within that realm.
LDAP Persistent
Connections
Connections
(under the Advanced
section)
section)
Choose one of the following values:
•
Use persistent connections (unlimited). Use existing connections. If no
connections are available a new connection is opened.
connections are available a new connection is opened.
•
Use persistent connections. Use existing connections to service the
number of requests specified. When the maximum is reached, establish a
new connection to the LDAP server.
number of requests specified. When the maximum is reached, establish a
new connection to the LDAP server.
•
Do not use persistent connections. Always create a new connection to the
LDAP server.
LDAP server.