Google Search Appliance Managing Search for Controlled-Access Content User Manual

Google Search Appliance: Managing Search for Controlled-Access Content

35

11. Test the LDAP server settings for a potential search user by entering the following information in

the LDAP Search User Authentication Test box and clicking Test LDAP Settings:

•

Username—The user name that enables the search appliance to connect to the LDAP server
(relative to the search base)

•

Password—The password the user name that enables the search appliance to connect to the
LDAP server

If the LDAP authentication succeeds, a listing appears similar to (in a Unix or Posix environment—
Windows LDAP servers have a different format):

uid - (user ID)
ou - (organizational unit)
dc - (company name)

If the LDAP Authentication Test settings do not successfully authenticate the user, click Cancel,
revisit and change the information you entered, and test again.

12. Test the LDAP server settings for administrator authentication by entering the following

information in the LDAP Administrator Authentication Test box and clicking Test LDAP Settings:

•

Username—The administrator user name that enables the search appliance to connect to the
LDAP server. (Relative to the search base.) To authenticate, the administrator must be a
member of the LDAP Manager Group.

•

Password—The password for the administrator user name.

If the LDAP authentication succeeds, a listing appears similar to (in a Unix or Posix environment—
Windows LDAP servers have a different format):

uid - (user ID)
ou - (organizational unit)
dc - (company name)

If the LDAP Authentication Test settings do not successfully authenticate the administrator, click
Cancel, revisit and change the information you entered, and test again.

13. After the LDAP Authentication Test is successful, click Save LDAP Settings.

The search appliance has an internal memory authorization cache to avoid wasting bandwidth and
time verifying the same credentials multiple times. The cache remains for an hour by default.

14. Open a search page in a browser or click Test Center, click public and secure content, and

perform a search against the search appliance.

15. At the authentication prompt, perform the following test:

a.

Enter a user name with the wrong password. The authentication prompt reappears and
prompts again.

b.

Enter the correct information to see the requested search results.

Enabling LDAP Authentication for a Search Appliance

To enable LDAP on a search appliance, click the Use LDAP for User Authentication during serve-time
checkbox on the Serving > Universal Login Auth Mechanisms > LDAP page. For more information,
see “Configuring a Credential Group for LDAP” on page 36.