16.1 Overview

LDAP authentication can be performed over either an SSL connection or an unencrypted connection to the LDAP server.

You can configure the Change Guardian server for LDAP authentication either with or without using anonymous searches on the LDAP directory.

  • Anonymous: When you create Change Guardian LDAP user accounts, the directory user name must be specified and the user distinguished name (DN) does not need to be specified.

    When the LDAP user logs in to Change Guardian, the Change Guardian server performs an anonymous search on the LDAP directory based on the specified user name, finds the corresponding DN, and then authenticates the user login against the LDAP directory by using the DN.

  • Non Anonymous: When you create Change Guardian LDAP user accounts, the user DN must be specified along with the user name.

    When the LDAP user logs in to Change Guardian, the Change Guardian server authenticates the user login against the LDAP directory by using the specified user DN and does not perform any anonymous search on the LDAP directory.

NOTE: If anonymous search is disabled on the LDAP directory, you must not configure the Change Guardian server to use anonymous search.
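
The following added example (not Change Guardian code) models the two login flows described above and the failure covered by the NOTE, using a constructed in-memory stand-in for the LDAP directory. All class, function, and entry names are hypothetical, and the handling of ambiguous user names and empty passwords is an assumption of the example, not documented product behavior.

```python
class SearchRefused(Exception):
    """The directory rejected an anonymous search."""

class Directory:
    """Constructed in-memory stand-in for an LDAP server, not a client library."""
    def __init__(self, allow_anonymous_search, entries):
        self.allow_anonymous_search = allow_anonymous_search
        self.entries = entries  # DN -> {"uid": ..., "password": ...}

    def anonymous_search(self, user_name):
        if not self.allow_anonymous_search:
            raise SearchRefused("anonymous search is disabled")
        return [dn for dn, e in self.entries.items() if e["uid"] == user_name]

    def simple_bind(self, dn, password):
        # An empty password is an unauthenticated bind (RFC 4513), never a login.
        if not password:
            return False
        entry = self.entries.get(dn)
        return entry is not None and entry["password"] == password

def login_anonymous_mode(directory, user_name, password):
    """Account stores only the user name: search for the DN, then bind with it."""
    try:
        matches = directory.anonymous_search(user_name)
    except SearchRefused:
        return "search-refused"
    if len(matches) != 1:  # assumption: zero or several DNs means no login
        return "no-unique-dn"
    return "ok" if directory.simple_bind(matches[0], password) else "bad-credentials"

def login_non_anonymous_mode(directory, user_dn, password):
    """Account stores the user DN: bind directly, no search is issued."""
    return "ok" if directory.simple_bind(user_dn, password) else "bad-credentials"

# Constructed sample entries; "broe" deliberately maps to two DNs.
ALICE_DN = "cn=Alice Doe,ou=users,dc=example,dc=com"
ENTRIES = {
    ALICE_DN: {"uid": "adoe", "password": "s3cret"},
    "cn=Bob Roe,ou=staff,dc=example,dc=com": {"uid": "broe", "password": "hunter2"},
    "cn=Bob Roe,ou=temps,dc=example,dc=com": {"uid": "broe", "password": "other"},
}
OPEN = Directory(True, ENTRIES)     # anonymous search enabled
LOCKED = Directory(False, ENTRIES)  # anonymous search disabled

if __name__ == "__main__":
    print(login_anonymous_mode(OPEN, "adoe", "s3cret"))             # ok
    print(login_anonymous_mode(LOCKED, "adoe", "s3cret"))           # search-refused
    print(login_non_anonymous_mode(LOCKED, ALICE_DN, "s3cret"))     # ok
    print(login_anonymous_mode(OPEN, "broe", "hunter2"))            # no-unique-dn
```

With anonymous search disabled on the directory, only the account that stores the user DN can still log in, which is the situation the NOTE describes.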