Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 950
  • Last Modified:

LDAP information

I need to find some LDAP information specifically ldap-login-dn, ldap-base-dn, ldap-naming-attribute, etc.  I wanted to know how I go about finding this information?  
0
HenryCastro
Asked:
HenryCastro
  • 3
  • 2
3 Solutions
 
Mike KlineCommented:
Is this for AD or another LDAP directory?  If for AD you can look at the link below that will show you the names behind the GUI

http://www.selfadsi.org/user-attributes-w2k3.htm

Thanks

Mike
0
 
HenryCastroAuthor Commented:
Its for AD, windows 2003 domain. I will look at the link now, thank you.
0
 
jwillekeCommented:
If you just want to see the LDAP "stuff" then you can use http://directory.apache.org/studio/ LDAP Browser.

You may need to find suitable login credentials to use with AD and often this is the hard part: http://ldapwiki.willeke.com/wiki/LDAP%20and%20Active%20Directory

-jim
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
HenryCastroAuthor Commented:
To be even more specific my ISP is making a VPN connection with their ASA.  They are asking for:


ldap-login-dn
Specifies the name of the directory object that the system should bind as.

ldap-login-password
Specifies the password for the login DN.

ldap-base-dn
To specify the location in the LDAP hierarchy where the server should begin searching when it receives
an authorization request

ldap-naming-attribute
Specifies the Relative Distinguished Name attribute (or attributes) that
uniquely identifies an entry on the LDAP server.

Server-port
                Port number for communicating with the LDAP server

I appreciate all the input and advice.  Thanks for the responses.
0
 
jwillekeCommented:
ldap-login-dn
Specifies the name of the directory object that the system should bind as.
-> This will need to be the fully distinguished name of the user that they will use to find users.
The account will need to have rights to see what the applicaiton needs to return. This should probably be a read-only account and NOT ADMINISTRATOR.


ldap-login-password
Specifies the password for the login DN.
-> password for above

ldap-base-dn
To specify the location in the LDAP hierarchy where the server should begin searching when it receives
an authorization request
-> This is the distinguished name of the container where your users are, something like: CN=Users,DC=yourdomain,DC=com


ldap-naming-attribute
Specifies the Relative Distinguished Name attribute (or attributes) that
uniquely identifies an entry on the LDAP server.
-> if AD, this is probably CN

Server-port
                Port number for communicating with the LDAP server
->Should be 636 and LDAPS (or 389 and TLS) as otherwise, the password would be in clear text on the wire.

-jim
0
 
HenryCastroAuthor Commented:
thank you for all the help.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now