Active Directory Authentication

After selecting the Active Directory authentication method, you will need to provide the following information:

1. Assign the authentication type Kerberos.

2. Enter the Authentication Server address.

3. Enter the Server Port (the default is 389).

4. Enter the Security Domain (for example, corp.mycompany.com).

5. Specify the DN in the User Base DN field. n-Command MSP uses this attribute to locate user information.
   
   If you select Bind User Base DN to Security Domain, the DN field will populate with domain components (dc) based on the defined security domain.
   
   You can add common name (cn), user identification (uid), and organizational unit (ou) attributes to the User Base DN field after it is populated or enter the information manually by clicking in the field (for example, uid=%user%,ou=employee,dc=corp,dc=mycompany,dc=com). 

6. Specify an attribute filter to use in locating a user record in the User Filter field. This filter is used to find a user record from the User Base DN. It is common to use the user name attribute for this filter, but not required (for example, sAMAccountName=%user%). (The %user% escape sequence will be replaced by the user login at the time of authentication.) This field also allows the cn, uid, and ou attributes to be added.

Once changes have been made in the dialog box, select Apply to save and exit the menu. You can select Cancel to exit without making any changes.

Next, set the user permissions as described in the following section:

Setting User Permissions for LDAP or Active Directory Authentication