Creating an internal LDAP

This type of directory is hosted by your Stormshield Network multi-function firewall, and your information is stored in it once the LDAP directory is created.

Step 1: Selecting the directory

As indicated above, the LDAP database option has to be selected in order to confirm your choice. This is the first step in the configuration of a directory.

Select the option Connect to an internal LDAP directory and click on Next.

Step 2: Accessing the directory

In this second step, you will need to enter general information concerning the LDAP database that you wish to create. The information entered here will reappear in your firewall’s LDAP directory schema. The name of your directory will be automatically created based on the value of the Organization and Domain fields.

Organization

Name of your company (e.g.: mycompany).

Domain

The extension of your domain name (e.g.: fr, eu, org, com, etc.).

Password

Defines the password for LDAP administration.

Confirm

Confirmation of the LDAP administration password that you have just entered in the previous field.

Mandatory password strength

This field indicates your password’s level of security: “Very Weak”, “Weak”, “Medium”, “Good” or “Excellent”.

You are strongly advised to use uppercase letters and special characters.

NOTE

Only the password can be modified later, after you have configured your internal LDAP.

Click on Finish to display the internal LDAP directory screen.

Internal LDAP directory screen

Once the configuration of the LDAP directory is complete, you will arrive at the internal LDAP screen which sets out the following items:

Configuration

Enable user directory

This option starts the LDAP service.

If this option is not selected, the module will be inactive.

Organization

This field will contain the name of your company, entered earlier.

Domain

This field will contain your company’s domain.

Username

The login that will allow you to connect to the internal LDAP base.

Password

The password allowing the firewall to connect to the directory.

This password can be modified.

Confirm

Confirmation of the LDAP administration password that you have just entered in the previous field.

Mandatory password strength

This field indicates your password’s level of security: “Very Weak”, “Weak”, “Medium”, “Good” or “Excellent”.

You are strongly advised to use uppercase letters and special characters.

Access to the internal LDAP

Enable unencrypted access (PLAIN)

Data entered will not be encrypted; it is transmitted in plaintext.

Enable SSL access (SSL certificate presented by the server)

In order to set up SSL access, you will need to select a server certificate already generated by your root CA, or an imported certificate.