If you want to connect to the LDAP server by using an SSL connection and the LDAP server certificate is not signed by a well-known CA, you must export the LDAP server CA certificate to a Base64-encoded file.
eDirectory: See Exporting an Organizational CA's Self-Signed Certificate.
To export an eDirectory CA certificate in iManager, the Novell Certificate Server plug-ins for iManager must be installed.
Active Directory: See How to enable LDAP over SSL with a third-party certification authority.
To perform LDAP authentication using anonymous search, you must enable anonymous search in the LDAP directory. By default, anonymous search is enabled in eDirectory and is disabled in Active Directory.
eDirectory: See ldapBindRestrictions in section Attributes on the LDAP Server Object.
Active Directory: The ANONYMOUS LOGON user object must be given appropriate list permission and read access to sAMAccountName and objectclass attributes. For more information, see Configuring Active Directory to Allow Anonymous Queries.
For Windows Server 2003, you must perform additional configuration. For more information, see Configuring Active Directory on Windows Server 2003 .