Field | Enter |
LDAP Configuration section | |
Hostname | The host name for the Active Directory server, for example, ad.renovations.com. A Domino server uses this host name to connect to the directory server.
Click Suggest to look up the host names of LDAP servers listed in your DNS.
Click Verify to verify that the host name is an active LDAP server.
Note: You can specify one host name only.
Port values entered in this field override those specified in the Port field. If no port is specified in this field, then the value specified in the Port field is used. |
LDAP Vendor | Select Active Directory. |
Optional authentication credential for search | For Optional Authentication Credential enter a user name and a password for a Domino server to present when it connects to the Active Directory server. The Active Directory server uses the name and password to authenticate the Domino server. If you don't specify a name and password, a Domino server attempts to connect anonymously.
Click Verify to verify that the user name and password you entered are valid on each host name.
This setting may affect change detection for LDAP servers. |
Base DN for search | A search base, if the LDAP directory server requires one. For example:
o=Renovations
o=Renovations,c=US
Click Suggest to search each host name for likely search bases.
Click Verify to verify that the search base is accessible on each host name using the configured credentials.
This setting may affect change detection for LDAP servers. |
Connection Configuration section | |
Channel encryption | Choose one:
- TLS (the default) to use TLS when a Domino server connects to the Active Directory server
- None to prevent TLS from being used.
If you choose TLS, make selections in these associated fields:
- Accept expired TLS certificates
- TLS protocol version
- Verify server name with remote server's certificate
|
Port | The port number Domino servers use to connect to the Active Directory server.
- If you choose TLS in the Channel encryption field, the default port is 636.
- If you choose None in the Channel encryption field, the default port is 389.
If the directory server doesn't use one of these default ports, enter a different port number manually. |
Advanced Options section | |
Timeout | The maximum number of seconds allowed for a search of the directory; default is 60 seconds.
If the Active Directory server is also configured with a timeout value, the smaller value takes precedence. |
Maximum number of entries returned | The maximum number of entries the Active Directory server can return for a name for which a Domino server searches. If the directory server also has a maximum setting, the smaller value takes precedence. If the directory server times out, it returns the number of names found up to that point.
Default is 100. |
Dereference alias on search | Choose one to control the extent to which alias dereferencing occurs during searches of the directory:
- Never
- Only for subordinate entries
- Only for search base entries
- Always (default)
If aliases are not used in the directory, selecting Never can improve search performance. |
Preferred mail format | Select Internet Mail Address. |
Enable name mapping | Do not select. |
Type of search filter to use | Select Active Directory. |
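
The precedence rules in the table above (a port given with the host name overrides the Port field, the default port follows the Channel encryption choice, and the smaller timeout and entry limit win) can be checked against a planned set of values. The following Python is an added example, not HCL or Domino code; the dictionary keys are hypothetical labels for the form fields, and the `host:port` form of the Hostname value is an assumption.

```python
# Added example. Key names are hypothetical labels for the form fields above,
# not Domino item names; "host:port" in the Hostname value is an assumed syntax.
DEFAULT_PORTS = {"TLS": 636, "None": 389}   # defaults stated in the Port row

def resolve(cfg, server_timeout=None, server_max_entries=None):
    """Return (effective_settings, findings) for one set of form values."""
    findings = []
    enc = cfg.get("channel_encryption", "TLS")            # TLS is the default
    host, _, host_port = cfg["hostname"].partition(":")
    # Precedence: port in Hostname, then the Port field, then the default.
    port = int(host_port or cfg.get("port") or DEFAULT_PORTS[enc])

    if enc == "None":
        findings.append("no TLS: bind credentials and search results travel in clear text")
    else:
        if cfg.get("accept_expired_certs"):
            findings.append("expired server certificates are accepted")
        if cfg.get("verify_server_name") is False:
            findings.append("server name is not checked against the certificate")
    other = DEFAULT_PORTS["None" if enc == "TLS" else "TLS"]
    if port == other:
        findings.append(f"port {port} is the default for the other channel setting")
    if not (cfg.get("bind_user") and cfg.get("bind_password")):
        findings.append("no credential: Domino attempts an anonymous connection")

    # Where both sides set a limit, the smaller value takes precedence.
    timeout = cfg.get("timeout", 60)
    if server_timeout is not None:
        timeout = min(timeout, server_timeout)
    max_entries = cfg.get("max_entries", 100)
    if server_max_entries is not None:
        max_entries = min(max_entries, server_max_entries)

    effective = {"host": host, "port": port, "encryption": enc,
                 "timeout": timeout, "max_entries": max_entries}
    return effective, findings

if __name__ == "__main__":
    sample = {"hostname": "ad.renovations.com", "channel_encryption": "TLS",
              "port": 389, "accept_expired_certs": True,
              "verify_server_name": False}              # constructed values
    eff, issues = resolve(sample, server_timeout=30)
    print(eff)
    for issue in issues:
        print("REVIEW:", issue)
```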