FW_H_SetLDAP

To configure LDAP server sets

  1. In the console tree of ISA Server Management, click General.

  2. In the details pane, click Define LDAP and RADIUS Servers.

  3. On the LDAP Servers tab, click Add to open the Add LDAP Server Set dialog box.

  4. Provide a name for the LDAP server set.

  5. Click Add to add each LDAP server name, description, and time-out. Time-out is the amount of time (in seconds) that ISA Server tries to obtain responses from the LDAP server before trying the next LDAP server in the ordered list. Note that you can change the order in which the servers are accessed by using the UP ARROW and DOWN ARROW keys.

  6. In Domain, provide the fully qualified domain name (FQDN) for Active Directory. Note that this is the domain in which the user accounts are defined, and not the domain to which ISA Server is joined.

  7. Select Use Global Catalog if you are using a global catalog.

  8. Select Connect LDAP servers over secure connection if you want to encrypt the LDAP communication (use the LDAPS protocol).

  9. You can type the credentials used to connect to Active Directory for verifying user account status and changing account passwords. This enables you to have password management functionality for HTML form authentication. For more information, see ISALink_Forms.

  10. Click OK to close the Add LDAP Server Set dialog box.

  11. In Login Expression, click New to add a login expression. A login expression allows you to assign an LDAP server set to a specific group of users. For example, you can assign one LDAP server set to the users FABRIKAM\*, and another LDAP server set to the users CONTOSO\*. The login expressions are queried by ISA Server in the listed order. You can change the order using the UP ARROW and DOWN ARROW keys.
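Because login expressions are evaluated in the listed order (step 11), a broad expression placed above a narrower one can keep the narrower one from ever being used. The following is an added example, not ISA Server code: it models an ordered expression list and flags shadowed entries, assuming that the first matching expression wins, that `*` is the only wildcard, and that matching is case-insensitive. The server set names are constructed.

```python
import re

def _compile(expression):
    # Assumption: '*' is the only wildcard and matches any run of characters;
    # comparison is case-insensitive, like Windows account names.
    parts = (re.escape(p) for p in expression.split("*"))
    return re.compile(".*".join(parts), re.IGNORECASE)

def select_server_set(login, expressions):
    """Return the server set of the first expression that matches login."""
    for pattern, server_set in expressions:
        if _compile(pattern).fullmatch(login):
            return server_set
    return None  # no expression matched

def find_shadowed(expressions):
    """Return (later, earlier) pairs where `later` can never be reached."""
    shadowed = []
    for i, (later, _) in enumerate(expressions):
        for earlier, _ in expressions[:i]:
            # If the earlier pattern matches the later pattern's own text, every
            # '*' in the later one is absorbed by a '*' in the earlier one, so
            # any login the later expression could match is already taken.
            if _compile(earlier).fullmatch(later):
                shadowed.append((later, earlier))
                break
    return shadowed

# Constructed sample lists: (login expression, LDAP server set name).
MISORDERED = [("*", "Default-DCs"),
              ("FABRIKAM\\*", "Fabrikam-DCs"),
              ("CONTOSO\\*", "Contoso-DCs")]
ORDERED = [("FABRIKAM\\*", "Fabrikam-DCs"),
           ("CONTOSO\\*", "Contoso-DCs"),
           ("*", "Default-DCs")]

if __name__ == "__main__":
    for name, exprs in (("misordered", MISORDERED), ("ordered", ORDERED)):
        print(name, "->", select_server_set("FABRIKAM\\alice", exprs))
        for later, earlier in find_shadowed(exprs):
            print(f"  {later!r} is shadowed by earlier {earlier!r}")
```

In the misordered list, FABRIKAM and CONTOSO logins are validated against the default server set rather than the domain controllers of their own realm.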

Note

For more information about authentication in ISA Server, see Authentication Concepts in ISA Server 2006 on the Microsoft ISA Server TechCenter Web site.
To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, expand Configuration, and then click General.
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, expand Configuration, and then click General.

Important

Each LDAP server set is a list of LDAP servers (domain controllers or global catalogs) that represent the same realm. Servers in the server set are queried to validate user credentials.
When configuring ISA Server for LDAP authentication, the configuration of LDAP servers applies to all rules or network objects that use LDAP authentication.