Ldap protocol – 8e6 Technologies Enterprise Filter Authentication R3000 User Manual
Page 218
A
PPENDIX
A: A
UTHENTICATION
O
PERATIONS
T
IER
1: S
INGLE
S
IGN
-O
N
A
UTHENTICATION
204
8
E
6 T
ECHNOLOGIES
, R3000 I
NTERNET
F
ILTER
A
UTHENTICATION
U
SER
G
UIDE
Since SMB Signing is not currently supported by the R3000,
8e6 recommends disabling the requirement for this feature.
This does not disable SMB Signing for machines that
support it, but allows devices that do not support SMB
Signing to connect. To disable the default setting that
requires SMB Signing for all connections, follow the instruc-
tions in Appendix B: Disable SMB Signing Requirements.
Alternately, if you have an available Windows 2000
Server—or an earlier Windows NT 4.0 Server—and are
willing to establish the necessary trust relationships with the
Windows 2003 Server, this earlier Windows server can be
used as the primary authentication server for the R3000
instead of the Windows 2003 Server.
NOTE: For information on SMB Signing compatibility with the
R3000, refer to the chart in Appendix B: Disable SMB Signing
Requirements.
LDAP protocol
LDAP is a directory service protocol that stores entries
(Distinguished Names) in a domain’s directory using a hier-
archical tree structure. The LDAP directory service is based
on a client/server model protocol to give the client access to
resources on the network.
When a client connects to a server and asks it a question,
the server responds with an answer and/or with a pointer to
the server that stores the requested information (typically,
another LDAP server). No matter which LDAP server the
client accesses, the same view of the directory is “seen.”
The LDAP specification defines both the communication
protocol and the structure, or schema, to a lesser degree.
There is an Internet Assigned Network Authority (IANA)
standard set that all LDAP directories should contain. Novell
and Microsoft both have additional schema definitions that
extend the default setups.