8.1.2 Adding an AD LDS Repository with the Configured AD LDS Proxy

  1. Click Repositories > New LDAP repo.

  2. Select Other from the LDAP type list.

  3. Specify a container for the users in Base DN. When you select the Subtree option, Advanced Authentication performs a search for the users in all the child nodes. You can change the search scope by selecting the Search one level only option.

  4. Specify a user account in User and specify the password of the user in Password. Ensure that the user's password has no expiry.

  5. You can specify a container for the groups in Group DN (optional). When you select the Subtree option, Advanced Authentication performs a search for the groups in all the child nodes. You can change the search scope by selecting the Search one level only option.

  6. Under Advanced Settings, specify objectGUID as object ID attribute and userProxy as user class.

  7. Click Save.

NOTE: The drawback of this solution is that the Advanced Authentication server does not validate the user attributes (account disabled, account locked out, and so on). This solution is beneficial when the users log on using the chain that does not include the LDAP password method (for example, CARD + PIN). However, LDS validates the user attributes in both the above scenarios when the LDAP password method is in use.
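Because chains without the LDAP password method skip the disabled and locked-out checks, a periodic audit can list the userProxy objects whose backing AD account is in one of those states. The script below is an added example, not part of the product or its documentation. It assumes LDIF exports from both directories, that each userProxy object carries the objectSid of its AD account, and that a non-zero lockoutTime means locked out; all sample entries and names are constructed.

```python
import base64, struct

ACCOUNTDISABLE = 0x0002  # userAccountControl bit set on disabled AD accounts

def parse_ldif(text):
    """Minimal LDIF reader (no folded lines): 'attr: value' or 'attr:: base64'."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            val = base64.b64decode(value[1:].strip()) if value.startswith(":") else value.strip()
            entry.setdefault(name.lower(), []).append(val)
        entries.append(entry)
    return entries

def sid_to_str(raw):
    """Decode a binary objectSid into its S-1-5-21-... string form."""
    subs = struct.unpack("<%dI" % raw[1], raw[8:8 + 4 * raw[1]])
    return "S-%d-%d-%s" % (raw[0], int.from_bytes(raw[2:8], "big"), "-".join(map(str, subs)))

def blocked_proxies(lds_ldif, ad_ldif):
    """Return (proxy DN, reason) for userProxy objects whose AD account should not log on."""
    state = {}
    for e in parse_ldif(ad_ldif):
        disabled = int(e["useraccountcontrol"][0]) & ACCOUNTDISABLE
        locked = int(e.get("lockouttime", ["0"])[0]) > 0  # assumption: non-zero = locked out
        state[sid_to_str(e["objectsid"][0])] = "disabled" if disabled else "locked" if locked else None
    findings = []
    for e in parse_ldif(lds_ldif):
        if "userProxy" in e.get("objectclass", []):
            reason = state.get(sid_to_str(e["objectsid"][0]), "no AD account found")
            if reason:
                findings.append((e["dn"][0], reason))
    return findings

def sample_sid(rid):
    """Constructed SID S-1-5-21-1111-2222-3333-<rid>, base64-encoded as LDIF stores it."""
    raw = bytes([1, 5]) + (5).to_bytes(6, "big") + struct.pack("<5I", 21, 1111, 2222, 3333, rid)
    return base64.b64encode(raw).decode()

# Constructed sample exports (not real directory data): name, RID, userAccountControl, lockoutTime
ROWS = [("alice", 1001, 512, 0), ("bob", 1002, 514, 0), ("carol", 1003, 512, 133500000000000000)]
AD_LDIF = "\n\n".join(
    "dn: CN=%s,DC=example,DC=com\nobjectSid:: %s\nuserAccountControl: %d\nlockoutTime: %d"
    % (n, sample_sid(r), u, l) for n, r, u, l in ROWS)
LDS_LDIF = "\n\n".join(
    "dn: CN=%s,OU=Users,O=lds\nobjectClass: userProxy\nobjectSid:: %s" % (n, sample_sid(r))
    for n, r, _, _ in ROWS)

if __name__ == "__main__":
    print(blocked_proxies(LDS_LDIF, AD_LDIF))
```

Any DN the script reports belongs to a user who can still pass a chain such as CARD + PIN through this repository, so those enrollments need to be reviewed or removed in Advanced Authentication.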