Configure the LDAP Settings for Write Access

This procedure explains how to specify a particular LDAP directory for “LDAP write operations” performed in the Administration Console.

The LDAP directory defined in the main Console options is the default for all read operations (the Global Catalog).

The AAA Administration Console “LDAP write operations” are:

Access the Administration Console.
Select Tools, and then click Options. The AAA Server Administration Console Options window is displayed.

Note: The “write access” configuration is available only for Active Directory deployments where the Global Catalog is activated.

In the Connections settings section, click Alt Settings.....
Select Use these specific LDAP settings for LDAP write operations.
If the option is unchecked, the default LDAP directory is used for both LDAP read and write operations.

Define the LDAP “write” connection settings and test them.

Setting	Description
Host	Enter the IP address or hostname of the server where your LDAP directory resides. If you are using multiple LDAPs, separate the server identifiers by a space.
Port	Enter the LDAP directory server’s listening port (the default value is 389).
LDAPS connection	Select the option and specify the path of the trusted certificate .cer file to connect to the LDAP via SSL. This must also be specified in the server configuration. Note: The CN attribute in the certificate must match exactly the "Host" defined above. For example, if the host name CN in the certificate is "host.company.com", then the Host defined above must also be "host.company.com".
Login DN	Connection name for AAA Server to use to authenticate to the LDAP directory (only if you have a protected directory). This user must have write permission to be able to store the device serial numbers in the directory.
Password	For the Login DN. Note: The maximum password length is 24 characters.