<< Click here to display Table of Contents >> Navigation: Accounts Menu > Account Settings > Active Directory:

Authentication

Contents

Access to Active Directory may require special permissions to be set for all features to function.

Active Directory Authentication

Bind DN

This is the DN that MDaemon will use when binding to Active Directory using LDAP. Active Directory permits the use of a Windows account or UPN when binding.

When using a DN in this option rather than a Windows logon, you must disable/clear the "Use secure authentication" option below.

Password

This is the password that corresponds to the DN or Windows logon used in the Bind DN option above.

Use secure authentication

Click this checkbox if you wish to use secure authentication when performing your Active Directory searches. You cannot use this option when you are using a DN rather than a Windows logon in the Bind DN option above.

Use SSL authentication

Click this checkbox if you wish to use SSL authentication when performing your Active Directory searches.

Use of this option requires an SSL server and infrastructure on your Windows network and Active Directory. Contact your IT department if you are unsure if your network is setup this way, and to find out if you should enable this option.

Email address attribute

This attribute is used for MDaemon mailing lists and is only available when accessing the Active Directory options located on the Mailing Lists dialog.

Active Directory Searching

Base entry DN

This is the Distinguished Name (DN) or starting point in the Directory Information Tree (DIT) at which MDaemon will search your Active Directory for accounts and changes. By default MDaemon will begin searching at Root DSE, which is the topmost entry in your Active Directory hierarchy. Designating a more precise starting point closer to the location of your user accounts in your particular Active Directory tree can reduce the amount of time required to search the DIT for accounts and account changes. Leaving this field blank will restore the default setting of LDAP://rootDSE

Search filter

This is the LDAP search filter that will be used when monitoring or searching your Active Directory for accounts and account changes. Use this filter to more precisely locate the desired user accounts that you wish to include in Active Directory monitoring.

Search scope:

This is the scope or extent of your Active Directory searches.

Base DN only

Choose this option if you wish to limit your search to only the base DN specified above. The search will not proceed below that point in your tree (DIT).

1 level below base DN

Use this option if you wish to extend your Active Directory search to one level below the supplied DN in your DIT.

Base DN and all children

This option will extend the scope of your search from the supplied DN to all of its children, down to the lowest child entry in your DIT. This is the default option selected, which when combined with the default Root DSE setting above means that the entire DIT below the Root DSE will be searched.

Page size

If the results of an Active Directory query exceed a specified number of entries, then they will be returned in separate "pages" in order to retrieve all the results. This setting is the maximum number of entries that will be included per page.

Verbose AD logging

By default MDaemon will use verbose logging for Active Directory. Clear this checkbox if you wish to use less extensive Active Directory logging.

Test these settings

Click this button to test MDaemon's Active Directory configuration.