Setting up and configuring LDAP authentication on the ProxySG or the Advanced Secure Gateway (ASG).
How do I set up and configure LDAP authentication?
LDAP authentication uses the LDAP protocol to authenticate users who are accessing network (Internet) resources. LDAP authentication presents a pop-up box in which users enter their credentials (username and password) in order to access the Internet. These credentials are stored or cached by the web browser. Any time the browser is closed, it discards the cached credentials. When a new browser window is opened, the end user is prompted for their LDAP credentials again. If users frequently close all their browser windows and open them again, or are not accustomed to authenticating with their LDAP credentials, they may end up complaining. If so, you may wish to consider using a seamless form of authentication instead, such as IWA, Windows SSO, or Novell SSO.
STEP 1: CREATING THE LDAP AUTHENTICATION REALM ON THE PROXYSG
STEP 2: CREATING POLICY ON THE PROXYSG
The policy steps assume that no authentication is currently in place.
NOTE: Users will be presented with an authentication pop-up box that asks for a username and password for the LDAP realm created in Step 1.2 above (MyLdapRealm). Generally, the credentials entered will be just the user's common name (CN) and password. For example, if this is an Active Directory LDAP environment, user fred resides in the Users container, and your domain is called host.example.com, then all you need to do is enter fred for the username and user fred's password. If you do not want users to be prompted for authentication, then you need to try a noninteractive method of authentication, such as IWA, Windows SSO, or Novell SSO.