To set up LDAP authentication in Cerberus FTP Server, you will need the following information about the LDAP server:
- Parameter: FQDN or IP address of the LDAP server to search.
- The network port of the LDAP server.
- Enable SSL: Checkbox to determine whether the connection to the LDAP server is encrypted. The LDAP server must support encryption (port 389 for unencrypted LDAP, port 636 for LDAPS).
Base DN (Distinguished Name):
- The distinguished name to use as the search base.
User DN (Distinguished Name):
- The FDN (fully distinguished name) of an account with read privileges to the LDAP server.
- The password for the User DN account. Note that this password is encrypted when saved.
User DN Attribute:
- The name of the uid attribute for a user in the LDAP directory.
Default Settings for LDAP Users:
By default, all LDAP users are assigned the same virtual directories and permissions. These defaults are configured under the "Default Group and Virtual Directory Mapping for LDAP Users" section of the LDAP Users page.
User Custom Mappings:
If you want to customize directory and permission mappings for individual LDAP users, you can use the "User Custom Mappings" button. This allows you to override the default settings for a user by mapping individual LDAP users to Cerberus groups. Mapped LDAP users will receive the settings and virtual directories from the mapped group instead of the defaults.
Note: Ensure that the LDAP server supports the specified configurations, especially if SSL is enabled. Also, refer to your LDAP server documentation for any specific requirements or recommendations.