To authenticate users on a Lightweight Directory Access Protocol (LDAP) server, configure the Barracuda NextGen Firewall X-Series to use LDAP as an external authentication scheme. You can add LDAP configurations for one or more LDAP servers. Connect the X-Series Firewall with your LDAP servers and specify the search settings for the LDAP directory. To reduce load querying for large environments, you can filter unwanted group membership information by creating group filter patterns.
Configure LDAP Authentication
Configure the X-Series Firewall to look up users on your LDAP server.
- Go to the USERS > External Authentication page.
- Click the LDAP tab.
- In the Basic section, click Add.
- In the Base DN field, enter the Distinguished Name (DN) where the search in the LDAP directory should be started at. Separate multiple entries with a comma. E.g.,
OU=yourcompany,OU=external,O=sales,O=world,C=AT
- (Optional) Select Use SSL if your LDAP server supports SSL connections.
- Enter the IP address or hostname of the LDAP server in the Server Name field.
- In the User Field, enter the name attribute of the LDAP searching user field used in your LDAP directory. E.g,
cn
- Enter the LDAP Password Field used in your LDAP directory.
- Select Anonymous if authentication is not required.
- In the Admin DN field, enter the Distinguished Name of the administrator who is authorized to perform requests.
- Enter the Admin Password for the administrative user.
- In the Group Attribute field, specify the name of the attribute field on the LDAP server containing group information.
- Select whether to use LDAP Encryption (SSL) for data exchanged with the LDAP directory.
Enter LDAP fields containing email addresses in the Additional Mail Fields. Separate multiple entries with a comma.
- Click Save.
The configuration is now added to the EXISTING AUTHENTICATION SERVICES table, and your LDAP domain users can use the LDAP authentication service to be authenticated on the X-Series Firewall.