User Guide for SonicWALL UTM Appliance

Integrating LDAP/Active Directory with SonicWALL UTM
SonicOS supports a range of LDAP servers, the most popular being Active Directory (AD), which is itself
an LDAP implementation. Refer to the following paper as a supplement on how to configure LDAP
settings:
http://www.sonicwall.com/downloads/LDAP_Integration_Feature_Module.pdf
 
LDAP over SSL 
Integrating your SonicWALL appliance with an LDAP directory service using SSL requires configuring your 
LDAP server for certificate management, installing the correct certificate on your SonicWALL appliance, and 
configuring the SonicWALL appliance to use the information from the LDAP Server.  
 
NOTE: SSL is not required for LDAP integration. Without it, however, user credentials are sent across the
network unencrypted, which is considered highly insecure.
Before beginning your LDAP configuration, you should prepare your LDAP server and your SonicWALL for 
LDAP over TLS support. This requires: 
•  Installing a server certificate on your LDAP server. 
•  Installing a Certificate Authority (CA) certificate for the issuing CA on your SonicWALL appliance.  
The following procedures describe how to perform these tasks in an Active Directory environment. 
Configuring the CA on the Active Directory Server 
To configure the CA on the Active Directory server (skip the first five steps if Certificate Services are already 
installed): 
Step 1: Navigate to Start > Settings > Control Panel > Add/Remove Programs.
Step 2: Select Add/Remove Windows Components.
Step 3: Select Certificate Services.
Step 4: Select Enterprise Root CA when prompted.
Step 5: Enter the requested information. For information about certificates on Windows systems, see
http://support.microsoft.com/kb/931125
Step 6: Launch the Domain Security Policy application: navigate to Start > Run and run the command: dompol.msc
Step 7: Open Security Settings > Public Key Policies.
Step 8: Right-click Automatic Certificate Request Settings.
Step 9: Select New > Automatic Certificate Request.
Step 10: Follow through the wizard, and select Domain Controller from the list.
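
Once the domain controller has auto-enrolled, the following check confirms that it holds a usable server certificate and completes a validated TLS handshake on the LDAPS port. It is an added example, not part of the SonicWALL guide. The host name dc01.example.local is a placeholder, and the machine running part 2 is assumed to trust the enterprise root CA (domain members normally do).

```powershell
# Added example: verify the result of the certificate auto-enrollment steps above.
# Assumptions: dc01.example.local is a placeholder for your domain controller's FQDN;
# part 1 is run on the DC itself, part 2 on a host that trusts the enterprise root CA.
param(
    [string]$DcFqdn = 'dc01.example.local',
    [int]$Port = 636                       # standard LDAPS port
)

$serverAuthOid = '1.3.6.1.5.5.7.3.1'       # Server Authentication EKU

# Part 1 (on the DC): unexpired machine certificates with a private key
# that are valid for TLS server authentication.
Get-ChildItem Cert:\LocalMachine\My |
    Where-Object {
        $_.HasPrivateKey -and
        $_.NotAfter -gt (Get-Date) -and
        ($_.EnhancedKeyUsageList.ObjectId -contains $serverAuthOid)
    } |
    Select-Object Subject, Issuer, NotAfter, Thumbprint

# Part 2 (from a client): TLS handshake against the LDAPS port.
# AuthenticateAsClient validates the chain and host name against the Windows
# trust store and throws if either check fails.
$tcp = New-Object System.Net.Sockets.TcpClient
try {
    $tcp.Connect($DcFqdn, $Port)
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false)
    try {
        $ssl.AuthenticateAsClient($DcFqdn)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2(
            $ssl.RemoteCertificate)
        [pscustomobject]@{
            Server   = $DcFqdn
            Protocol = $ssl.SslProtocol
            Subject  = $cert.Subject
            Issuer   = $cert.Issuer        # should name the enterprise root CA
            NotAfter = $cert.NotAfter
        }
    }
    finally { $ssl.Dispose() }
}
catch {
    Write-Warning "LDAPS check failed for ${DcFqdn}:${Port}: $($_.Exception.Message)"
}
finally { $tcp.Close() }
```

The Issuer reported in part 2 identifies the CA whose certificate has to be installed on the SonicWALL appliance.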