menu_banner (2K)

Appendix R: LDAP Authentication

Lightweight Directory Access Protocol (LDAP) is an application protocol for querying and modifying directory services running over TCP/IP. This can be used to validate a LOGON password against the contents of an LDAP server instead of the USER table. A username and password are sent to an LDAP server for authentication which produces a response of either "accepted" or "rejected".

The LDAP userid, typically in the format 'cn=Joe Blow,ou=organisation unit', will usually be different from the LOGON userid, so it can be stored in the external_id field on the USER record.

Depending on the particular LDAP implementation the passwords may either be static, or supplied by a One Time Password (OTP) generator.

When this option is turned on in the Menu Control Data it applies to all users EXCEPT the following:

For details on how to turn this option on please refer to FAQ 114.