Crypt-o system options - LDAP

---

Crypt-o can use a LDAP server to authenticate user accounts.

This page lists all registered LDAP servers to be used for user authentication.

 

 

Click the Add... button to add a new LDAP server.

Click the Edit... button to edit parameters of the selected LDAP server.

Click the Remove button to delete the selected server from the list.

 

Host - specify a host name or IP address of the computer where the LDAP server is running.

Port - TCP/IP port of the LDAP server.

NOTE: If you, for some reason, connect Active Directory, use port 3268 instead of the default port 389. It will improve performance. But it is recommended to use the native Windows authentication support in Crypt-o to authenticate users of a Windows domain.

SSL - Enable SSL connection to the LDAP server.

TLS - Enable TLS connection to the LDAP server.

Authentication - LDAP server authentication type. Possible values - Simple, GSS, GSS SASL.

Base DN - a base distinguished name for the LDAP directory search.

User name - a distinguished name of a user account to be used for the LDAP directory search.

Password - a password of the user account specified in the User name box.

Anonymous connection - use the anonymous connection to the LDAP server. For security reasons anonymous connections are disabled for most LDAP servers.

Nested groups - when this option is enabled, Crypt-o will try to recursively find all parent groups for a LDAP user account during the log on. It may slow down the log on process in some cases. If you turn off this option, only immediate groups for a user account will be retrieved from the LDAP server.

 

Test connection - press this button to test entered connection parameters of the LDAP server.