Creating an internal LDAP

This type of directory is hosted by your Stormshield Network multi-function firewall, and your information is stored in it once the LDAP directory is created.

Step 1: Selecting the directory

As indicated above, the LDAP database option has to be selected in order to confirm your choice. This is the first step in the configuration of a directory.

Select the option Connect to an internal LDAP directory and click on Next.

Step 2: Accessing the directory

In this second step, you will need to enter general information concerning the LDAP database that you wish to create. The information entered here will reappear in your firewall’s LDAP directory schema. The name of your directory will be automatically created based on the value of the Organization and Domain fields.

Organization: Name of your company (e.g.: mycompany).
Domain: The extension of your domain name (e.g.: fr, eu, org, com, etc.).
Password: Defines the password for LDAP administration.
Confirm: Confirmation of the LDAP administration password that you have just entered in the previous field.
Password strength: This field indicates your password’s level of security: “Very Weak”, “Weak”, “Medium”, “Good” or “Excellent”. You are strongly advised to use uppercase letters and special characters.

NOTE
Only the password can be modified later, after you have configured your internal LDAP.

Click on Finish to display the internal LDAP directory screen.

Internal LDAP directory screen

Once the configuration of the LDAP directory is complete, you will arrive at the internal LDAP screen which sets out the following items:

Configuration

Enable user directory: This option allows starting the LDAP service. If this option is not selected, the module will be inactive.
Organization: This field will contain the name of your company, entered earlier.
Domain: This field will contain your company’s domain.
Username: The login that will allow you to connect to the internal LDAP base.
Password: The password allowing the firewall to connect to the directory. This password can be modified.
Confirm: Confirmation of the LDAP administration password that you have just entered in the previous field.
Password strength: This field indicates your password’s level of security: “Very Weak”, “Weak”, “Medium”, “Good” or “Excellent”. You are strongly advised to use uppercase letters and special characters.

Access to the internal LDAP

Enable unencrypted access (PLAIN): Data entered will not be encrypted; it will be transmitted in plaintext.
Enable SSL access (SSL certificate presented by the server): In order to set up SSL access, you will need to select a server certificate already generated by your root CA, or an imported certificate.
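
A post-configuration check for the two access modes above, as an added example that is not part of the Stormshield documentation: it tests whether the unencrypted listener answers and whether the SSL listener presents a certificate that validates against your CA. Ports 389 and 636 are the standard LDAP and LDAPS ports and are assumed here, as are the function names and the CA file argument.

```python
import socket
import ssl

def plain_port_open(host, port=389, timeout=3.0):
    """True if a TCP listener answers on the unencrypted LDAP port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def ldaps_certificate(host, port=636, ca_file=None, timeout=3.0):
    """Attempt a verified TLS handshake and return (ok, detail).

    ok is True only if the presented certificate chains to ca_file (or to
    the system trust store when ca_file is None) and matches the host.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
                return True, {"protocol": tls.version(),
                              "notAfter": cert.get("notAfter")}
    except ssl.SSLCertVerificationError as exc:
        # Handshake reached the certificate but validation failed.
        return False, "certificate rejected: " + exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        # Port closed, timeout, or the peer does not speak TLS.
        return False, "no TLS service: " + str(exc)

def audit(host, ca_file=None, plain_port=389, ssl_port=636):
    """Return a list of findings; an empty list means nothing to fix."""
    findings = []
    if plain_port_open(host, plain_port):
        findings.append("PLAIN access reachable on port %d" % plain_port)
    ok, detail = ldaps_certificate(host, ssl_port, ca_file)
    if not ok:
        findings.append("SSL access on port %d: %s" % (ssl_port, detail))
    return findings

if __name__ == "__main__":
    import sys
    # Usage: python check_ldap.py <firewall-address> [ca.pem]
    for line in audit(sys.argv[1], *sys.argv[2:3]) or ["no findings"]:
        print(line)
```

Pass the CA file that issued the certificate selected for SSL access; a "certificate rejected" finding then means the firewall is presenting a certificate your clients would not trust.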