To configure LDAP authentication by using the configuration utility

October 5, 2020 Contributed by:  S

  1. Navigate to Citrix Gateway > Policies > Authentication.

  2. Click LDAP.

  3. In the details pane, on the Policies tab, click Add.

  4. In Name, type a name for the policy.

  5. Next to Server, click New.

  6. In Name, type the name of the server.

  7. Under Server, in IP Address and Port, type the IP address and port number of the LDAP server.

  8. In Type, select either AD for Active Directory or NDS for Novell Directory Services.

  9. Under Connection Settings, complete the following:

    1. In Base DN (location of users), type the base DN under which users are located. The base DN is used to search for users located under it in the selected directory (AD or NDS).

      The base DN is derived from the Bind DN by removing the user name and specifying the group where users are located. Examples of the syntax for base DN are:

      ou=users,dc=ace,dc=com
      cn=Users,dc=ace,dc=com

    2. In Administrator Bind DN, type the administrator bind DN for queries to the LDAP directory. Examples for the syntax of bind DN are:

      domain/user name
      ou=administrator,dc=ace,dc=com
      user@domain.name (for Active Directory)
      cn=Administrator,cn=Users,dc=ace,dc=com

      For Active Directory, the group name specified as cn=groupname is required. The group name that you define in Citrix Gateway and the group name on the LDAP server must be identical.

      For other LDAP directories, the group name either is not required or, if necessary, is specified as ou=groupname.

      Citrix Gateway binds to the LDAP server using the administrator credentials and then searches for the user. After locating the user, Citrix Gateway unbinds the administrator credentials and rebinds with the user credentials.

    3. In Administrator Password and Confirm Administrator Password, type the administrator password for the LDAP server.

  10. To retrieve more LDAP settings automatically, click Retrieve Attributes.

    When you click Retrieve Attributes, the fields under Other Settings populate automatically. If you want to ignore this step, continue with Steps 12 and 13. Otherwise, skip to Step 14.

  11. Under Other Settings, in Server Logon Name Attribute, type the attribute under which Citrix Gateway must look for user logon names for the LDAP server that you are configuring. The default is samAccountName.

  12. In Search Filter, type the value used to search for users associated with one or more Active Directory groups.

    For example, “memberOf=CN=GatewayAccess,OU=Groups,DC=Users,DC=lab”.

    Note

    You can use the preceding example to restrict Citrix Gateway access only to the members of a specific AD group.

  13. In Group Attribute, leave the default memberOf for Active Directory or change the attribute to the attribute of the LDAP server type you are using. This attribute enables Citrix Gateway to obtain the groups associated with a user during authorization.

  14. In Security Type, select the security type and then click Create.

  15. To allow users to change their LDAP password, select Allow Password Change.

    Note:

    • If you select PLAINTEXT as the security type, allowing users to change their passwords is not supported.
    • If you select PLAINTEXT or TLS for security, use port number 389. If you select SSL, use port number 636.
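
The following pre-flight check is an added example, not part of the original Citrix procedure. It validates the values entered in the steps above against the page's own rules (port per security type, password change with PLAINTEXT, base DN derived from the bind DN, group filter given as a full DN). The dictionary keys and the sample profiles are constructed for illustration.

```python
import re

# Port expected for each security type, taken from the note at the end of the procedure.
EXPECTED_PORT = {"PLAINTEXT": 389, "TLS": 389, "SSL": 636}
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=]+$")  # one attr=value component

def split_dn(dn):
    """Split a DN into components (assumes no escaped commas, as in the page's examples)."""
    return [part.strip() for part in dn.split(",")]

def is_dn(value):
    return bool(value.strip()) and all(RDN.match(part) for part in split_dn(value))

def dc_suffix(dn):
    """Lower-cased dc= components, i.e. the directory's domain part."""
    return [p.lower() for p in split_dn(dn) if p.lower().startswith("dc=")]

def check_profile(p):
    """Return a list of findings for one LDAP server profile (keys are hypothetical)."""
    findings = []
    sec = p["security_type"].upper()
    if sec not in EXPECTED_PORT:
        findings.append(f"unknown security type {sec!r}")
    elif p["port"] != EXPECTED_PORT[sec]:
        findings.append(f"{sec} expects port {EXPECTED_PORT[sec]}, got {p['port']}")
    if sec == "PLAINTEXT":
        findings.append("PLAINTEXT sends the administrator and user bind passwords unencrypted")
        if p.get("allow_password_change"):
            findings.append("Allow Password Change is not supported with PLAINTEXT")
    if not is_dn(p["base_dn"]):
        findings.append("base DN is not in attr=value,attr=value form")
    elif is_dn(p["bind_dn"]) and dc_suffix(p["bind_dn"]) != dc_suffix(p["base_dn"]):
        findings.append("bind DN and base DN name different dc= components")
    flt = p.get("search_filter", "").strip().strip("()")
    attr, _, value = flt.partition("=")
    if flt and attr.lower() == p.get("group_attribute", "memberOf").lower() and not is_dn(value):
        findings.append("group filter value must be the group's full DN, not a bare name")
    return findings

# Constructed sample profiles; values follow the syntax of the page's examples.
WEAK = {"security_type": "PLAINTEXT", "port": 636, "allow_password_change": True,
        "base_dn": "ou=users,dc=ace,dc=com", "bind_dn": "cn=Administrator,cn=Users,dc=ace,dc=com",
        "search_filter": "memberOf=GatewayAccess", "group_attribute": "memberOf"}
HARDENED = dict(WEAK, security_type="SSL", allow_password_change=True,
                search_filter="memberOf=CN=GatewayAccess,OU=Groups,DC=Users,DC=lab")

if __name__ == "__main__":
    for name, profile in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, check_profile(profile) or "no findings")
```

Bind DNs written as domain/user name or user@domain.name are accepted as-is; the dc= comparison only runs when both values are in DN form.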
