LDAP Settings
This service allows you to compile user information from within Ocean Mail Server into databases which can be accessed from any LDAP enabled software. This is useful for creating shared address books which can be downloaded into mail clients or to allow external mail software to query the server for the existence of a particular user. |
LDAP
 Enable - This controls whether the service is enabled.- Port - This controls what port the service will listen on. It is recommended that you keep the default value of 389 as this is the standard LDAP port.
- Max Connections - This controls the maximum number of simultaneous connections the service will allow. It is recommended that this value be no higher than 200.
- Idle Timeout - If a connection remains idle, this value will control the period of time before the connection is forcefully shutdown.
- Use Server Default - If selected, this will bind the ports to the IPs specified by the Server Admin Settings.
- Bind to All Available IPs - If selected, this will bind the ports to all available IPs.
- Listen Only on IP(s) - If selected, this will bind the port to the IPs listed here. To set multiple IPs, simply separate each IP with a semi-colon (‘;’). Also, it is acceptable to specify a domain name instead of an IP.
- Use Explicit SSL - This option is not available for LDAP.
- Use SSL Version 2/3 Mode With TLS - This option is not available for LDAP.
- Use Implicit SSL - This option is not available for LDAP.
- SSL Port - This option is not available for LDAP.
- Certificate - This option is not available for LDAP.
- Enable Anti-Hammering - Enabling this option will protect the service against brute force password guessing attacks. If an IP performs too many login failures, that IP will be blocked for a set period of time. For more information please view the Server Admin Settings page.
|
IP Control
 Enable IP Black List - If enabled, then the IPs and IP ranges in the list box will be blocked from accessing the service.- Enable IP White List - If enabled, then the IPs and IP ranges in the list box will always be allowed access to the service. This protection overrules blocked IPs but does not overrule Anti-Hammering.
|
Databases
 Database Path - This specifies the directory where newly created databases will be saved. It is perfectly legal to have this path set to a network location. For more information on using network drives please view the FAQ page.- Default Database - This controls the default database to be used with LDAP binding (logins). If enabled, this is used as an alternative database if the database name supplied during binding does not exist.
- LDAP Databases - This is a list of existing LDAP Databases. You can also compile one or more databases. Databases must be compiled before they are accessible.
|
Add / Edit LDAP Database
 Enable LDAP Database - This controls whether the LDAP database is enabled.- Name - This is the LDAP database name which will be used to identify the database during binding.
- Use Password - If enabled, you can use this option to provide a password for authentication when binding to this database.
- Output File Path - This is the path that the compiled database file will be saved to. It is perfectly legal to have this path set to a network location. For more information on using network drives please view the FAQ page.
- Compile From: Domains - This is a list of domains that will be added to the LDAP database. All users on these domains will be added.
- Compile From: Groups - This is a list of groups that will be added to the LDAP database. All users in these groups will be added.
- Compile From: Shared Address Books - This is a list of shared address books that will be added to the LDAP Database. All users in these shared address books will be added.
|
