External LDAP Server
An External LDAP (Lightweight Directory Access Protocol) or Active Directory Server is a centralized directory service used to authenticate and manage user identities, groups, and access permissions across an organization. When integrated with the system, it allows you to log in using existing corporate credentials instead of creating separate accounts. This screen is also used to create, edit, and delete an External LDAP Server.
To access the External LDAP Server screen, click on Network Access > UPAM NAC > External Source under the “Configure” section of the OmniVista Cirrus Menu.
Creating an External LDAP Server
You can create an External LDAP server by specifying required details. This enables establishing a secure connection between the system and the LDAP directory for user authentication.
To add an External LDAP Server to UPAM, click on Create External LDAP Server to open the Create External LDAP Server screen. Complete the following fields as described below and test the connection with the server. Successful test connection is mandatory to create a new External LDAP server.
Server Name - Enter the Server Name.
Host Name/IP Address - Enter the LDAP Server Host Name/IP address.
Backup Host Name/IP Address - Enter the Backup LDAP server Host Name/IP address.
Admin Name - Enter the Administrator account name used to login into the LDAP server.
Admin Password - Enter the Administrator password used to login into the LDAP server.
Search Base - Enter the starting point for the search in the LDAP server directory tree.
Object Class - Defines named attribute collections and classifies them as required or optional.
Username Attribution - Enter the LDAP entry that represents the username used for authentication.
Password Attribution - Enter the LDAP entry that represents the password used for authentication.
Password Type - Select the Password type from the drop-down list. (Cleartext or NT-Password)
TLS/StartTLS - Select a TLS encryption type from the drop-down list.
NS - Non-secure encryption between UPAM and the LDAP Server.
StartTLS Extension - The secure communication method between UPAM and the LDAP Server.
Port - Enter the port used by UPAM to communicate with the LDAP server. (Range= 1 – 65535, Default - 389).
Click on Test Connection to create the External LDAP Server and then click on Create to save the configuration.
Editing an External LDAP Server
Select a server in the External LDAP Server List and click on the Edit icon. The Edit External LDAP Server screen opens on which you can edit the fields as described above, When you are done making changes to the Server attributes, click on Save to return to the External LDAP Server List.
Note: You cannot change the server name.
Deleting an External LDAP Server
Select a server in the External LDAP Server List and click on the trash icon under the “Actions” column or click on the Actions button and select Delete from the drop-down menu. When the following confirmation prompt appears, click on Delete to delete the profile.
Note: You can delete one or multiple external LDAP server profiles. Deleting a profile disconnects the integration and stops authentication and synchronization with that LDAP source.
Display External LDAP Server List
The following information is displayed for each Server in the External LDAP Server List:
Server Name - The name assigned to the Server configuration.
Hostname/IP Address - The hostname or IP address of the External LDAP Server.
Backup Hostname/IP Address - The hostname or IP address of a backup External LDAP Server, if applicable.
TLS/StartTLS - The TLS encryption type.
NS - Non-secure encryption between UPAM and the LDAP Server.
StartTLS Extension - The secure communication method between UPAM and the LDAP Server.
Port - The port used by UPAM to communicate with the LDAP server. (Range= 1 – 65535, Default - 389).
Created At - The date and time when the External LDAP Server configuration is done.