5.4 Active Directory

If you are using Active Directory as the LDAP source for iFolder, consider the following guidelines:

  • During iFolder server configuration, you must select the Require a secure connection between the LDAP server and the iFolder Server option.

  • Ensure that iFolder proxy user is assigned read rights on the configured user containers and attributes of user objects.

  • For all users, the User must change password at next login option must not be set. Setting this option will lead to a login failure and an appropriate message will be displayed in the Simias.log file.

  • When you specify the LDAP proxy DN in YaST, user with same name (for example, cn=iFolderProxy) must not exist in any other container

  • Active Directory server must be SSL-enabled.

For information on how to configure Active Directory as an alternate LDAP server, see Section 6.5, Configuring the iFolder Enterprise Server with Active Directory as an LDAP source.