Creating LDAP Authentication Realms

If you are using LDAP, you can import users and map them to the security system. If you create an LDAP type of authentication realm, you need to provide information about your LDAP installation as described in the following table.

For additional configuration requirements, see LDAP Authentication Configuration.

LDAP Authentication Realm Properties table

| Field | Description |
| --- | --- |
| Context Factory | Enter the context factory class to use to connect. This may vary depending upon your Java implementation. The default for Sun Java implementations: com.sun.jndi.ldap.LdapCtxFactory. |
| LDAP URL | URL to the LDAP server, beginning with ldap:// or ldaps://. Separate additional servers with spaces. |
| User DN Pattern | Enter the user directory entry pattern; the user name will be substituted in place of {0} in the pattern, such as cn={0},ou=employees,dc=yourcompany,dc=com. |
| User Search Base | Enter the base directory to search for users, such as ou=employees,dc=mydomain,dc=com. |
| User Search Filter | Enter the LDAP filter expression to use when searching for a user's directory entry. The user name will be substituted in place of {0} in the pattern, such as uid={0}. If this is an attribute and not part of the user DN pattern, wrap the value in parentheses, such as (uid={0}). |
| Search User Subtree | Search the subtree for users. |
| Search Connection DN | Enter the complete directory name to use when binding to LDAP for searches, such as cn=admin,dc=mydomain,dc=com. If not specified, an anonymous connection will be made. Required if the LDAP server cannot be anonymously accessed. |
| Search Connection Password | Enter the password to use when binding to LDAP for searches. |
| Name Attribute | Enter the attribute name that contains the user's name, as set in LDAP. |
| Email Attribute | Enter the attribute name that contains the user's email address, as set in LDAP. |
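
The DN pattern and search filter fields both substitute the login name for {0}. The following added example (not the product's own code; the function names are hypothetical) shows that substitution with the name escaped per RFC 4514 for a DN and RFC 4515 for a filter, so the name is always treated as a literal value. Whether the product applies this escaping itself is not stated on this page.

```python
# Added illustration, not the product's implementation. Function names are hypothetical.
# Expands the {0} placeholder of a DN pattern or search filter with an escaped user name.

# RFC 4515: characters that must be written as \XX hex pairs inside a filter value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def escape_dn_value(value: str) -> str:
    """Escape an attribute value for use inside a distinguished name (RFC 4514)."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch in ',+"\\<>;':
            out.append("\\" + ch)       # characters that are always special in a DN
        elif ch == "\x00":
            out.append("\\00")          # NUL is written as a hex pair
        elif i == 0 and ch in " #":
            out.append("\\" + ch)       # leading space or '#'
        elif i == last and ch == " ":
            out.append("\\ ")           # trailing space
        else:
            out.append(ch)
    return "".join(out)


def expand_dn_pattern(pattern: str, user: str) -> str:
    """Build the bind DN from a pattern such as cn={0},ou=employees,..."""
    return pattern.replace("{0}", escape_dn_value(user))


def expand_search_filter(pattern: str, user: str) -> str:
    """Build the search filter from a pattern such as (uid={0})."""
    return pattern.replace("{0}", escape_filter_value(user))


if __name__ == "__main__":
    # Constructed sample names; the patterns are the ones shown in the table.
    dn_pattern = "cn={0},ou=employees,dc=yourcompany,dc=com"
    for name in ("jdoe", "Doe, Jane", "smith*(test)"):
        print(expand_dn_pattern(dn_pattern, name))
        print(expand_search_filter("(uid={0})", name))
```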