Search | Directories | Reference Tools
UW Home > UWIN > Computing and Networking > Identity and Access Management > Directory Services 
Home
UW Directories 
Developer Info 
Data Publishing 
Software 

Directory Services

LDAP Authentication Methods

The Person Directory and Groups Directory require use one of the following authentication methods:

Method Description
SASL Bind Standard SASL (Simple Authentication and Security Layer) Bind mechanism is supported. We recommend SASL EXTERNAL (SSL client certificate) authentication using UW Services CA certificates. But SASL GSSAPI (Kerberos) authentication is also supported.
Non-Standard Simple Bind Non-standard client certificate authentication via standard Simple Bind is supported. Binding with name cn=external and password X509 causes the server to look for an SSL client certificate and use its subject name for the actual bind DN. The SSL connection must be made using a client certificate from the UW Services CA, either on the LDAPS service port (636), or StartTLS negotiated on the normal LDAP port (389).