The external LDAP authentication mechanism attempts to bind to the specified directory server using the supplied user name and password. If this bind succeeds, the connection is closed and the password is considered valid. You configure the following External LDAP settings:
LDAP URL and whether to use SSL or StartTLS. Enter the LDAP address. Check either to use SSL or StartTLS.
The default port is 389. If you use SSL, the default port is 636.
You can configure multiple external LDAP hosts.
LDAP filter. The filter defines the search rules used for directory searches and tries to map the user name to one user on the external LDAP. You should ensure that the filter you enter results in a single entry being matched, otherwise an authentication error is returned to the user.
Example of the search filter is (email@example.com).
LDAP search base. To search within a specific part of your directory, enter a search base. It would be entered as (dc=server,dc=com).
Use DN/Password to bind to external server. If the filter you entered cannot be run using an anonymous bind, then enter the DN/password for a service account on the external LDAP that has been granted access to the attributes required to do the search.