Step 1: LDAP Server Connection
Depending on what type of LDAP Server you are using, you'll first have to select the LDAP Server type. Currently there are three supported types:
Please be sure to select the correct Server Type. If the wrong type has been selected, Cryptshare cannot find the LDAP users and Policy Rules will not match.
Continue by configuring the remaining connection settings. Depending on how your LDAP Server is set up you may be required to use the secure connection setting:
You may also be required to provide 'Bind DN' credentials (User credentials) in order to be able to connect to your LDAP Server.
Enter the Username (the NETBIOS/Windows Server 2012 variant) and the password of a User, who is allowed to ask LDAP:
Please note that the connection check cannot identify if the directory type has been set correctly.
Use the 'Check Connection' button to find out whether your settings are correct and if a connection can be established. If no connection can be established, a respective error message will appear. Along with the error message a more detailed log entry will give more precise information about this error together with an LDAP 'ResultCode'.
The result code is a standardized LDAP result code. For more information on single LDAP result codes please refer to the following links:
Step 2: LDAP Attribute Selection
After successfully configuring the LDAP connection settings, section 2 for the LDAP settings will appear and offer a visual interface for selecting the LDAP Attributes containing the email addresses of individual LDAP users.
As long as no email attributes have been selected, Cryptshare is unable to determine the email addresses of the LDAP users and Policy Rules cannot match
On the left hand side an LDAP Tree containing all LDAP entries is shown. Select a user entry by clicking on it. While hovering with the mouse above single entries, a popup will occur showing the LDAP attribute values for this entry:
When selecting an entry, an additional view will appear on the right side showing the LDAP attribute names and corresponding values. If you have selected an LDAP user entry, you can now go on and select those LDAP entries containing the email addresses of users.
Finish the configuration by clicking the 'Save' button. Cryptshare is now ready for setting up LDAP-based Policy Rules (see Policy Settings).