To configure the connection of the application with an external directory service using the LDAP protocol:
Auth
task settings to an XML file using the command:# /opt/kaspersky/klms/bin/klms-control --get-settings 1 -f <
name of the settings file>
integrationType
>: <LDAPGeneric
> section (for integration with LDAP) or <AD
> (for integration with Active Directory).LDAPGeneric
> or <AD>
sections:<host>
– address of the server with the openLDAP or Active Directory service, depending on the type of integration selected in the <integrationType>
section;<connectionType>
– the type of connection to Active Directory or server with the openLDAP service: TLS, LDAP via SSL or without encryption;<port>
– Port of the server with the openLDAP or Active Directory service, depending on the type of connection selected in the <connectionType>
section.<bindDn>
– Administrator account<password>
– Administrator password<searchBase>
– Account search database.Example of the <AD>
integration type parameters in use:
<host><IP address></host>
<port>389</port>
<bindDn>user@companyname.com</bindDn>
<password>123456</password>
<searchBase>dc=companyname,dc=com</searchBase>
Example of the <LDAPGeneric>
integration type parameters in use:
<host>IP address</host>
<port>389</port>
<bindDn>cn=admin,dc=site</bindDn>
<password>123456</password>
<searchBase>dc=site</searchBase>
<netTimeoutInSeconds>
section. If the server does not respond during the specified time, the "Can not contact LDAP server
" result is returned.Auth
task settings from an XML file using the command: # /opt/kaspersky/klms/bin/klms-control --set-settings 1 -f <
name of the settings file>
We recommend using an unprivileged user account when configuring the application connection to an external directory service using LDAP.
Page top