LDAP
Configuration Variable | Data Type | Description |
---|---|---|
proxy.config.ldap.auth.enabled | INT | Default: 0. Enables (1) or disables (0) LDAP proxy authentication. See LDAP authentication. |
proxy.config.ldap.cache.size | INT | Default: 5000. The maximum number of entries allowed in the LDAP cache. If this value is modified, you must update the value of proxy.config.ldap.cache.storage_size proportionally. For example, if you double the cache size, also double the cache storage size. |
proxy.config.ldap.cache.storage_size | INT | Default: 24582912. The size of the LDAP cache in bytes. This is directly related to the number of entries in the cache. If this value is modified, you must update the value of proxy.config.ldap.cache.size proportionally. For example, if you double the storage size, also double the cache size. Modifying this variable without modifying proxy.config.ldap.cache.size can cause the LDAP subsystem to stop functioning. |
proxy.config.ldap.auth.ttl_value | INT | Default: 3000. The amount of time (in minutes) that entries in the cache remain valid. |
proxy.config.ldap.auth.purge_cache_on_auth_fail | INT | Default: 1. When enabled (1), configures Content Gateway to delete the authorization entry for the client in the LDAP cache if authorization fails. |
proxy.config.ldap.proc.ldap.server.name | STRING | Default: NULL. The LDAP server name. |
proxy.config.ldap.proc.ldap.server.port | INT | Default: 398. The LDAP server port. |
proxy.config.ldap.proc.ldap.base.dn | STRING | Default: NULL. The LDAP Base Distinguished Name (DN). Obtain this value from your LDAP administrator. |
proxy.config.ldap.proc.ldap.uid_filter | STRING | Default: sAMAccountName. The LDAP login name/ID. Use this as a filter to search the full DN database. userPrincipalName is also valid for Microsoft Active Directory. For eDirectory or other directory services, enter uid in this field. |
proxy.config.ldap.secure.bind.enabled | INT | Default: 0. When enabled (1), configures the proxy to use secure LDAP (LDAPS) to communicate with the LDAP server. Secure communication is usually performed on port 636 or 3269. |
proxy.config.ldap.proc.ldap.server.bind_dn | STRING | Default: NULL. The Full Distinguished Name (fully qualified name) of a user in the LDAP-based directory service. For example: CN=John Smith,CN=USERS,DC=MYCOMPANY,DC=COM. Enter a maximum of 128 characters in this field. If no value is specified for this field, the proxy attempts to bind anonymously. |
proxy.config.ldap.proc.ldap.server.bind_pwd | STRING | Default: NULL. Specifies a password for the user identified by the proxy.config.ldap.proc.ldap.server.bind_dn variable. |
proxy.config.ldap.proc.encode_convert | INT | Default: 0. Enables (1) or disables (0) the support of passwords with special characters. The variable proxy.config.ldap.proc.encode_name is required when this variable is enabled. This variable must be added manually. See this page for additional information. |
proxy.config.ldap.proc.encode_name | STRING | Default: NULL. The encoding name to be used when proxy.config.ldap.proc.encode_convert is enabled. This variable must be added manually. |
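
An added example (not part of the original reference or of the product's own tooling): a small Python check that applies the constraints stated in the table to the LDAP section of a configuration file. It assumes the variables are stored as `CONFIG <name> <TYPE> <value>` lines; the function names, the placeholder encoding value and the sample input are constructed for illustration.

```python
P = "proxy.config.ldap."
DEFAULT_ENTRIES, DEFAULT_BYTES = 5000, 24582912  # defaults listed in the table

def parse_records(text):
    """Parse 'CONFIG <name> <TYPE> <value>' lines (assumed records.config layout)."""
    cfg = {}
    for line in text.splitlines():
        parts = line.split(None, 3)
        if len(parts) == 4 and parts[0] == "CONFIG" and parts[1].startswith(P):
            cfg[parts[1][len(P):]] = parts[3].strip()
    return cfg

def audit_ldap(text):
    cfg, findings = parse_records(text), []
    if cfg.get("auth.enabled", "0") != "1":
        return findings  # LDAP proxy authentication is disabled
    size = int(cfg.get("cache.size", DEFAULT_ENTRIES))
    storage = int(cfg.get("cache.storage_size", DEFAULT_BYTES))
    # Both values must scale by the same factor; allow one entry's worth of slack.
    if abs(storage * DEFAULT_ENTRIES - size * DEFAULT_BYTES) > DEFAULT_BYTES:
        findings.append("cache.size and cache.storage_size are not proportional")
    if cfg.get("secure.bind.enabled", "0") != "1":
        findings.append("secure.bind.enabled=0: LDAPS is not used")
    elif cfg.get("proc.ldap.server.port") not in ("636", "3269"):
        findings.append("LDAPS enabled on a port other than the usual 636 or 3269")
    bind_dn = cfg.get("proc.ldap.server.bind_dn", "NULL")
    if bind_dn == "NULL":
        findings.append("bind_dn unset: the proxy attempts an anonymous bind")
    elif len(bind_dn) > 128:
        findings.append("bind_dn exceeds 128 characters")
    if cfg.get("proc.encode_convert") == "1" and cfg.get("proc.encode_name", "NULL") == "NULL":
        findings.append("encode_convert=1 but encode_name is missing")
    return findings

# Constructed sample input (not from a real deployment): cache doubled on one side only.
WEAK = """\
CONFIG proxy.config.ldap.auth.enabled INT 1
CONFIG proxy.config.ldap.cache.size INT 10000
CONFIG proxy.config.ldap.cache.storage_size INT 24582912
CONFIG proxy.config.ldap.proc.encode_convert INT 1
"""
FIXED = WEAK.replace("24582912", "49165824") + """\
CONFIG proxy.config.ldap.secure.bind.enabled INT 1
CONFIG proxy.config.ldap.proc.ldap.server.port INT 636
CONFIG proxy.config.ldap.proc.ldap.server.bind_dn STRING CN=John Smith,CN=USERS,DC=MYCOMPANY,DC=COM
CONFIG proxy.config.ldap.proc.encode_name STRING PLACEHOLDER_ENCODING
"""
for finding in audit_ldap(WEAK):
    print("WEAK:", finding)
```

Variables absent from the file are evaluated at the defaults given in the table, so an omitted `secure.bind.enabled` or `bind_dn` is reported the same way as an explicit 0 or NULL.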