LDAP device policy 编辑
You create an LDAP policy for iOS devices in Endpoint Management to provide information about an LDAP server to use, including any necessary account information. The policy also provides a set of LDAP search policies to use when querying the LDAP server.
You need the LDAP host name before configuring this policy.
To add or configure this policy, go to Configure > Device Policies. For more information, see Device policies.
iOS settings
- Account description: Enter an optional account description.
- Account user name: Enter an optional user name.
- Account password: Enter an optional password. Use this field only with encrypted profiles.
- LDAP host name: Enter the LDAP server host name. This field is required.
- Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
- Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
- Description: Enter a description of the search setting. This field is required.
- Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
- Base searches the node pointed to by Search base.
- One level searches the Base node and one level below it.
- Subtree searches the Base node, plus all its children, regardless of depth.
- Search base: Enter the path to the node at which to start searching. For example, ou=people or 0=example corp. This field is required.
- Click Save to add the search setting or click Cancel to cancel adding the search setting.
- Repeat these steps for each search setting that you want to add.
- Policy settings
- Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours)
- Select date: Click the calendar to select the specific date for removal.
- Duration until removal (in hours): Type a number, in hours, until policy removal occurs.
- Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours)
macOS settings
- Account description: Enter an optional account description.
- Account user name: Enter an optional user name.
- Account password: Enter an optional password. Use this field only with encrypted profiles.
- LDAP host name: Enter the LDAP server host name. This field is required.
- Use SSL: Select whether to use a Secure Socket Layer connection to the LDAP server. The default is On.
- Search Settings: Add search settings to use when querying the LDAP server. You can enter as many search settings as you want, but you should add at least one search setting to make the account useful. Click Add and then do the following:
- Description: Enter a description of the search setting. This field is required.
- Scope: Choose Base, One level, or Subtree to define how deeply into the LDAP tree to search. The default is Base.
- Base searches the node pointed to by Search base.
- One level searches the Base node and one level below it.
- Subtree searches the Base node, plus all its children, regardless of depth.
- Search base: Enter the path to the node at which to start searching. For example, ou=people or 0=example corp. This field is required.
- Click Save to add the search setting or click Cancel to cancel adding the search setting.
- Repeat these steps for each search setting you want to add.
- Policy settings
- Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours)
- Select date: Click the calendar to select the specific date for removal.
- Duration until removal (in hours): Type a number, in hours, until policy removal occurs.
- Allow user to remove policy: You can select when users can remove the policy from their device. Select Always, Passcode required, or Never from the menu. If you select Passcode required, type a passcode in the Removal passcode field.
- Profile scope: Select whether this policy applies to a User or an entire System. The default is User. This option is available only on macOS 10.7 and later.
- Remove policy: Choose a method for scheduling policy removal. Available options are Select date and Duration until removal (in hours)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论