LDAP authentication can be performed either using an SSL connection or an unencrypted connection to the LDAP server.
You can configure the Sentinel Log Manager server for LDAP authentication either using or without using anonymous searches on the LDAP directory.
NOTE:If anonymous search is disabled on the LDAP directory, you must not configure the Sentinel Log Manager server to use anonymous search.
Anonymous: While creating Sentinel Log Manager LDAP user accounts, the directory username must be specified and the user distinguished name (DN) need not be specified.
When the LDAP user logs in to Sentinel Log Manager, the Sentinel Log Manager server performs an anonymous search on the LDAP directory based on the specified username, finds the corresponding DN, then authenticates the user login against the LDAP directory by using the DN.
Non Anonymous: While creating Sentinel Log Manager LDAP user accounts, the user DN must also be specified along with the username.
When the LDAP user logs in to the Sentinel Log Manager, the Sentinel Log Manager server authenticates the user login against the LDAP directory by using the specified user DN and does not perform any anonymous search on the LDAP directory.
There is an additional approach applicable only for Active Directory. For more information, see Domain Name.