Within ZD we might need to enable LDAP lookups so that Active Directory logins can be used to administer the firewall, or to authenticate users for Guest Pass creation/ZeroIT.
Recently I had to do this, and it had been a while, so I decided to write a short entry on it.
So in this case I am configuring LDAP for use with Guest pass so domain users have to sponsor guest wireless accounts.
The options for our Test-AD LDAP server are shown below. There are some key things here.
Notice that in this case we are not using TLS, so the lookups between ZD and the AD server are not encrypted.
The Base DN and Admin DN come from the location in AD of the user who can perform lookups. The best way to find this info is to open AD Users and Computers, enable “Advanced Features” under “View”, and then go into the details of the user account, where you will have an “Attribute Editor” tab. The User DN is located there; if you double-click that attribute you can copy it directly.
The next key setting is “sAMAccountName” under Key Attribute; that attribute is really just the Windows user login account name.
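How these values fit together, as an added example (not from the original setup or from the vendor): the Admin DN copied from the Attribute Editor yields the domain's Base DN, and the key attribute plus the login name forms the search filter, with the login escaped so it cannot alter the filter. It assumes a standard LDAP search on the key attribute; the DN, domain and login names are constructed and the helper names are hypothetical.

```python
# Added example: constructed values only, nothing here contacts a directory.

def split_dn(dn):
    """Split a DN into RDNs on commas that are not backslash-escaped."""
    rdns, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            rdns.append("".join(current).lstrip())
            current = []
        else:
            current.append(ch)
    rdns.append("".join(current).lstrip())
    return rdns


def domain_base_dn(user_dn):
    """Return the DC=... suffix of a user DN: the widest Base DN for that domain."""
    return ",".join(r for r in split_dn(user_dn) if r.upper().startswith("DC="))


def escape_filter_value(value):
    """Escape a value for use inside an LDAP search filter (RFC 4515)."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)


def lookup_filter(login, key_attribute="sAMAccountName"):
    """Filter that matches one login name on the configured key attribute."""
    return "({}={})".format(key_attribute, escape_filter_value(login))


# Constructed sample DN, in the form copied from the Attribute Editor tab.
ADMIN_DN = r"CN=Lookup\, ZD,OU=Service Accounts,DC=test-ad,DC=example,DC=com"

if __name__ == "__main__":
    print("Admin DN:", ADMIN_DN)
    print("Base DN :", domain_base_dn(ADMIN_DN))
    print("Filter  :", lookup_filter("jsmith"))
    print("Escaped :", lookup_filter("*)(objectClass=*"))
```

A narrower Base DN, such as the OU that holds the sponsoring users, limits which accounts the lookup can match.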
That’s it! I will do another entry on setting up guest pass where domain users can sponsor accounts.