Configuring a connection with the LDAP server

To configure the connection of the application with an external directory service using the LDAP protocol:

  1. Export the Auth task settings to an XML file using the command:

    # /opt/kaspersky/klms/bin/klms-control --get-settings 1 -f <name of the settings file>

  2. Open the XML file for editing.
  3. Specify the preferred type of integration between the application and the external directory service via LDAP in the <integrationType> section: <LDAPGeneric> (for integration with LDAP) or <AD> (for integration with Active Directory).
  4. Depending on the type of integration, specify the values of the following settings in the <LDAPGeneric> or <AD> sections:
    • <host> – address of the server with the OpenLDAP or Active Directory service, depending on the type of integration selected in the <integrationType> section;
    • <connectionType> – type of connection to the server with the OpenLDAP or Active Directory service: TLS, LDAP via SSL, or without encryption;
    • <port> – port of the server with the OpenLDAP or Active Directory service, depending on the type of connection selected in the <connectionType> section;
    • <bindDn> – administrator account;
    • <password> – administrator password;
    • <searchBase> – search base for accounts.

    Example of the <AD> integration type parameters in use:

    <host><IP address></host>
    <port>389</port>
    <bindDn>user@companyname.com</bindDn>
    <password>123456</password>
    <searchBase>dc=companyname,dc=com</searchBase>

    Example of the <LDAPGeneric> integration type parameters in use:

    <host>IP address</host>
    <port>389</port>
    <bindDn>cn=admin,dc=site</bindDn>
    <password>123456</password>
    <searchBase>dc=site</searchBase>

  5. Specify the timeout for establishing a connection to the OpenLDAP or Active Directory service in the <netTimeoutInSeconds> section. If the server does not respond within the specified time, the "Can not contact LDAP server" result is returned.
  6. Save the changes made.
  7. Import the Auth task settings from an XML file using the command:

    # /opt/kaspersky/klms/bin/klms-control --set-settings 1 -f <name of the settings file>

We recommend using an unprivileged user account when configuring the application connection to an external directory service using LDAP.
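
A check that can be run on the edited settings file between steps 6 and 7, before it is imported. This is an added example, not part of the product or its documentation. It assumes that <integrationType> contains the name of the section in use; the nesting of elements in the sample is also an assumption, and the sample values are constructed. Because the file stores the bind password in clear text, the check also reports a file that group or other users can read.

```python
import os
import sys
import xml.etree.ElementTree as ET

REQUIRED = ("host", "connectionType", "port", "bindDn", "password", "searchBase")

# Constructed sample; the element nesting is an assumption, not the product schema.
SAMPLE = """<settings>
  <integrationType>AD</integrationType>
  <AD>
    <host>192.0.2.10</host>
    <connectionType>TLS</connectionType>
    <port>389</port>
    <bindDn>user@companyname.com</bindDn>
    <password></password>
    <searchBase>dc=companyname,dc=com</searchBase>
  </AD>
  <netTimeoutInSeconds>0</netTimeoutInSeconds>
</settings>"""

def check_settings(path):
    """Return a list of problems found in an edited Auth task settings file."""
    problems = []
    # The file holds the bind password in clear text: keep it owner-only.
    if os.stat(path).st_mode & 0o077:
        problems.append("file is readable by group or others")
    try:
        root = ET.parse(path).getroot()
    except ET.ParseError as exc:
        return problems + [f"not well-formed XML: {exc}"]
    # Assumption: <integrationType> holds the name of the section in use.
    kind = (root.findtext(".//integrationType") or "").strip()
    section = root.find(f".//{kind}") if kind in ("AD", "LDAPGeneric") else None
    if section is None:
        return problems + [f"no section for integrationType {kind!r}"]
    for tag in REQUIRED:
        if not (section.findtext(tag) or "").strip():
            problems.append(f"<{kind}>/<{tag}> is missing or empty")
    port = (section.findtext("port") or "").strip()
    if port and not (port.isdecimal() and 1 <= int(port) <= 65535):
        problems.append(f"port {port!r} is not in 1..65535")
    timeout = (root.findtext(".//netTimeoutInSeconds") or "").strip()
    if not (timeout.isdecimal() and int(timeout) > 0):
        problems.append("netTimeoutInSeconds is not a positive integer")
    return problems

if __name__ == "__main__":
    for p in sys.argv[1:]:
        print(p, check_settings(p) or "OK")
```

Pass the name of the settings file as the argument; an empty result means none of these checks failed, not that the directory server accepts the credentials.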
