5.1 Overview

LDAP authentication can be performed either using an SSL connection or an unencrypted connection to the LDAP server.

You can configure the Sentinel server for LDAP authentication either with or without using anonymous searches on the LDAP directory.

NOTE: If anonymous search is disabled on the LDAP directory, you must not configure the Sentinel server to use anonymous search.

  • Anonymous: When you create Sentinel LDAP user accounts, the directory user name must be specified and the user distinguished name (DN) does not need to be specified.

    When the LDAP user logs in to Sentinel, the Sentinel server performs an anonymous search on the LDAP directory based on the specified user name, finds the corresponding DN, then authenticates the user login against the LDAP directory by using the DN.

  • Non Anonymous: When you create Sentinel LDAP user accounts, the user DN must be specified along with the user name.

    When the LDAP user logs in to Sentinel, the Sentinel server authenticates the user login against the LDAP directory by using the specified user DN and does not perform any anonymous search on the LDAP directory.

    There is an additional approach applicable only for Active Directory. For more information, see Domain Name:.
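
The two login flows described above, as an added illustration that is not Sentinel code. ToyDirectory is a hypothetical in-memory stand-in for the LDAP server, the entry and password are constructed sample data, and rejecting an empty password is an assumption added here because many directories treat a DN bind with an empty password as an anonymous bind.

```python
# Added illustration, not Sentinel code. ToyDirectory is a hypothetical
# in-memory stand-in for an LDAP server; entries are constructed sample data.
import hmac

ALICE_DN = "cn=Alice Example,ou=people,dc=example,dc=com"
SAMPLE_ENTRIES = {ALICE_DN: {"uid": "alice", "password": "constructed-pw-1"}}

class ToyDirectory:
    def __init__(self, entries, allow_anonymous_search):
        self.entries = entries  # DN -> {"uid": ..., "password": ...}
        self.allow_anonymous_search = allow_anonymous_search

    def anonymous_search(self, user_name):
        """Return every DN whose uid matches, without binding first."""
        if not self.allow_anonymous_search:
            raise PermissionError("anonymous search is disabled on this directory")
        return [dn for dn, e in self.entries.items() if e["uid"] == user_name]

    def simple_bind(self, dn, password):
        """Succeed only for a known DN with a matching, non-empty password."""
        entry = self.entries.get(dn)
        if entry is None or not password:
            return False  # empty password would otherwise be an unauthenticated bind
        return hmac.compare_digest(entry["password"].encode(), password.encode())

def login_anonymous(directory, user_name, password):
    """Anonymous mode: look up the DN by user name, then bind as that DN."""
    matches = directory.anonymous_search(user_name)
    if len(matches) != 1:  # unknown or ambiguous user name: refuse the login
        return False
    return directory.simple_bind(matches[0], password)

def login_with_dn(directory, user_dn, password):
    """Non-anonymous mode: bind with the DN stored on the account, no search."""
    return directory.simple_bind(user_dn, password)

if __name__ == "__main__":
    open_dir = ToyDirectory(SAMPLE_ENTRIES, allow_anonymous_search=True)
    closed_dir = ToyDirectory(SAMPLE_ENTRIES, allow_anonymous_search=False)
    print("anonymous mode, search allowed:", login_anonymous(open_dir, "alice", "constructed-pw-1"))
    print("DN mode, search disabled:", login_with_dn(closed_dir, ALICE_DN, "constructed-pw-1"))
    try:
        login_anonymous(closed_dir, "alice", "constructed-pw-1")
    except PermissionError as err:
        print("anonymous mode, search disabled:", err)
```

The last case is the misconfiguration the NOTE warns about: with anonymous search disabled on the directory, the lookup step fails before any password is checked, so only the DN-based mode can authenticate.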