Previous Topic: Ping the User Store System

Next Topic: How to Configure an Active Directory Global Catalog User Directory Connection

Configure Active Directory Connections

You can configure a user directory connection that lets the Policy Server communicate with an Active Directory user store.

To configure the user directory connection

  1. Click Infrastructure, Directory.
  2. Click User Directory, Create User Directory.

    The Create User Directory pane opens.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

  3. Select either AD or LDAP from the Namespace list on the Directory Setup group box.

    LDAP settings open.

    Note: Because Microsoft Active Directory is an LDAP-compliant user directory, you can configure an Active Directory connection using the AD namespace or the LDAP namespace.

  4. Complete the remaining required connection information on the General and Directory Setup group boxes.

    Note: Consider the following:

    Note: If the Policy Server is operating in FIPS mode and the directory connection is to use a secure SSL connection when communicating with the Policy Server, the certificates used by the Policy Server and the directory store must be FIPS compliant.

  5. (Optional) Click Configure on the Directory Setup group box to configure load balancing and failover.

    Note: More information on load balancing and failover exists in LDAP Load Balancing and Failover.

  6. Select Require Credentials on the Administrator Credentials group box, and type the username and password of the administrator's account in the fields on the group box.

    Note: When configuring a user directory in the Active Directory (AD) namespace, you must specify the fully qualified domain name (FQDN) of the administrator in the Username field. Otherwise, user authentication can fail.

  7. Type the LDAP Search and LDAP User DN Lookup settings in the fields on the LDAP Settings group box.
  8. (Optional) Specify the user directory profile attributes that are reserved for SiteMinder's use in the fields on the User Attributes group box.
  9. (Optional) Click Create on the Attribute Mapping List group box.

    The Create Attribute Mapping pane opens.

  10. Click Submit.

    The Create User Directory task is submitted for processing.

More information:

LDAP Load Balancing and Failover

Directory Attributes Overview

Define an Attribute Mapping

How to Configure an LDAP User Directory Connection over SSL


Copyright © 2010 CA. All rights reserved. Email CA about this topic