Active Directory
Using the Active Directory option, information needed during authentication and group memberships is retrieved from the specified Active Directory. Encryption options (Start TLS and LDAP over SSL) are available (figure 4.4).
Figure 4.4: Active Directory settings panel
Hostname We recommend entering a Global Catalog in the hostname field. This avoids the CLC Server being redirected to several different Domain Controllers to obtain information about users and groups, and can thereby speed up the response time considerably in complex network environments. When a Global Catalog is specified, the port number must be configured to either
- 3268 LDAP, plain/startTLS, comparable to port 389, or
- 3269 LDAPS, SSL, comparable to 636
Please see the notes in the LDAP section for other recommendations and configuration details.