ldapBindingMethod
IMM-MIB ·
.1.3.6.1.4.1.2.3.51.3.3.4.2.6.12
Object
scalar
mandatory
r/w
Enumeration
On initial binds to the LDAP server during user authentication, there are three options: Anonymous authentication: Bind attempt is made without a client DN or password. If the bind is successful, a search will be requested in order to find an entry on the LDAP server for the user attempting to login. If an entry is found, a second attempt to bind will be attempted, this time with the user's DN and password. If this succeeds, the user is deemed to have passed the user authentication phase. Group authentication is then attempted if it is enabled. Client authentication: Bind attempt is made with client DN and password specified by this configuration parameter. If the bind is successful, we proceed as above. User Principal Name (UPN): Bind attempt is made directly with the credentials used during the login process. If this succeeds, the user is deemed to have passed the user authentication phase. Note that for Active Directory servers, the userid can have the form someuser@somedomain or simply someuser.
Context
- MIB
- IMM-MIB
- OID
.1.3.6.1.4.1.2.3.51.3.3.4.2.6.12- Type
- scalar
- Access
- readwrite
- Status
- mandatory
- Parent
- ldapClientCfg
- Siblings
- 24
Syntax
Enumeration
Values & Constraints
Enumerated Values
0 | anonymousAuthentication |
1 | clientAuthentication |
2 | userPrincipalName |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| ldapServer1NameOrIPAddress mandatory A NULL terminated 64 byte string that contains the
LDAP server host name or IP address (a.b.c.d). | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.1 |
| ldapUserSearchBaseDN obsolete As part of the user authentication process, it is necessary to search
the LDAP server for one or more attributes associated with a particular
user. Any search request must speci… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.10 |
| ldapGroupFilter mandatory This filter is used for group authentication. It specifies what group or
groups that this MM belongs to. If left blank, group authentication is
disabled. Otherwise, group authen… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.11 |
| ldapClientAuthenticationDN mandatory The initial bind to the LDAP server during user authentication can be
performed with anonymous authentication, client based authentication, or UPN.
The client based option requi… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.13 |
| ldapClientAuthenticationPassword mandatory The client authentication password | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.14 |
| ldapRoleBasedSecurityEnabled mandatory A value of true for RoleBasedSecurityEnabled indicates enhanced
will be used by the service processor. A value of false for
RoleBasedSecurityEnabled indicates the legacy bit mas… | scalar | Enumeration | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.15 |
| ldapServerTargetName mandatory When administrator chooses Enhanced Role Based Security authentication model,
he can associate one IMM with one managed target object in Snap-in (one tool
to configure LDAP use… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.16 |
| ldapUIDsearchAttribute mandatory When the binding method selected is Anonymous authentication or Client
authentication, the initial bind to the LDAP server is followed by a search
request aimed at retrieving sp… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.17 |
| ldapGroupSearchAttribute mandatory When the MM Group Filter name is configured, it is necessary to retrieve
from the LDAP server the list of groups that a particular user belongs to.
This is required to do group … | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.18 |
| ldapLoginPermissionAttribute mandatory When a user successfully authenticates via a LDAP server, it is necessary
to retrieve the login permissions for this user. In order to retrieve these
permissions, the search fil… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.19 |
| ldapServer1PortNumber mandatory LDAP server port number. | scalar | Integer32 | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.2 |
| ldapUseDNSOrPreConfiguredServers mandatory The MM contains a Version 2.0 LDAP Client that may be configured to provide
user authentication through one or more LDAP servers. The LDAP server(s) to be
used for authenticatio… | scalar | Enumeration | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.20 |
| ldapDomainSource mandatory The DNS SRV request sent to the DNS server must specify a domain name.
The LDAP client will determine where to get this domain name based on one
of the following three options: … | scalar | Enumeration | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.21 |
| ldapForestName mandatory In order to discover Global Catalogs (GC), the forest name must be configured
in the ForestName property. The Global Catalogs are required for users who belong
to universal grou… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.22 |
| ldapAuthCfg mandatory If ldapAuthCfg is set to 0, LDAP server is used to authenticate and authorize
users. If it is set to 1, LDAP server is only used to authenticate users.
Note:LDAP Authen… | scalar | Enumeration | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.23 |
| ldapSearchDomain mandatory This parameter may be used as the domain name in the DNS SRV request,
depending on how the Domain Source parameter is configured. | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.24 |
| ldapServiceName mandatory The DNS SRV request sent to the DNS server must also specify a service name.
The configured value will be used for this purpose. If left blank, the default
value used is 'ldap'.… | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.25 |
| ldapServer2NameOrIPAddress mandatory A NULL terminated 64 byte string that contains the
LDAP server host name or IP address (a.b.c.d). | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.3 |
| ldapServer2PortNumber mandatory LDAP server port number. | scalar | Integer32 | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.4 |
| ldapServer3NameOrIPAddress mandatory A NULL terminated 64 byte string that contains the
LDAP server host name or IP address (a.b.c.d). | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.5 |
| ldapServer3PortNumber mandatory LDAP server port number. | scalar | Integer32 | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.6 |
| ldapServer4NameOrIPAddress mandatory A NULL terminated 64 byte string that contains the
LDAP server host name or IP address (a.b.c.d). | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.7 |
| ldapServer4PortNumber mandatory LDAP server port number. | scalar | Integer32 | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.8 |
| ldapRootDN mandatory Distinguished Name for root entry of directory tree.
An example might look like dn=foobar,dn=com. | scalar | OctetString | .1.3.6.1.4.1.2.3.51.3.3.4.2.6.9 |