Using LDAP User Database

Note: Configuring Ipswitch Instant Messaging to access an LDAP Short for Lightweight Directory Access Protocol, a set of protocols for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite. Because LDAP is an open protocol, applications need not worry about the type of server hosting the directory. user database requires specific connection information about the LDAP server A server is a program running on a networked computer that processes requests from a client program, which is usually running on another networked computer. The client and server communicate using a protocol. For example, an FTP client communicates with an FTP server using an FTP protocol.. If you do not know this information, contact the LDAP server administrator.

To use an LDAP database for user authentication:

1. Navigate to the IIM Ipswitch Instant Messaging is one component of the Ipswitch Collaboration Suite. IIM enables teams to communicate instantly with groups around the world or around the corner, and can be installed behind a firewall so interoffice communications never leave the office. General Settings page by clicking the General tab. Select General Settings. The General Settings page appears.
2. From the Authentication Database list box, select LDAP. Click the Configure button. The LDAP Configuration page appears.

LDAP Configuration

• Server Name. In the text box, enter the hostname of your LDAP server.
• Port Number. In the text box, enter the number of the port your LDAP server monitors for queries. For most LDAP configurations, the default value of 389 will work.
• Use SSL Secure Sockets Layer is used for communications between a browser and server. SSL encrypts mail communications so they can be read only by the intended recipients. SSL uses "certificates" to authenticate the client and server, and uses a private key "pair" to encrypt and decrypt communications. All of the major browsers are SSL-enabled.. Select the checkbox if you want LDAP queries to be encrypted using Secure Sockets Layer. Your LDAP server must be configured to accept SSL connections for this option to work.
• User Authorize DN. In the text box, enter the portion of the LDAP schema to use for user authentication.
• User Search DN. In the text box, enter the portion of the LDAP schema to use as a root for finding users.
• User Search Filter (All Users). In the text box, enter the search string to use to return all users.
• User Search Filter (Single User). In the text box, enter the search string to use to return one specific user.

Remote Contact List Import Context

• Username. In the text box, enter the Username of any user in the LDAP database. This information will be used to authenticate any requests by remote servers to import the local user database.
• Password. In the text box, enter the Password of any user in the LDAP database.

LDAP Test Account

• Account Name. Enter an account name of any account in the LDAP database. The information will be used to authenticate whether or not your settings are valid for authenticating a test user.
• Password. Enter the password for the above account.
• Test Configuration. Click the button to test your configuration. One of the following messages appears: "Test Successful" or "Test Unsuccessful".
• Save. If the Test is successful, click to save your settings. An "Update Successful" message and the time of the update appears.

Sample Configurations

Microsoft LDAP/Active Directory Server Sample Configuration

• Server Name: ldapserver.ipswitch.com
• Port number:389
• User Authorize DN: uid=%s,ou=People,o=imailserver.ipswitch.com
• User Search DN: CN=Users,DN=ldapserver,DC=ipswitch,DC=com
• User Search Filter (All Users) (|(objectClass=user)(objectClass=person))
• LDAP User Search Filter (Single User): (&(|(objectClass=user)(objectClass=person))(CN=%s))

Using LDAP with Non-standard Mappings

If your user database contains unusual or non-standard field names, you can still use the database to authenticate Ipswitch IM users by modifying the Ipswitch IM Server mapping data in the Windows registry.

Note: Changing the standard field mappings requires editing the Windows registry. You should always back-up your registry before modifying it directly.

To modify the mapping data:

1. Open the windows Registry Editor by selecting Start > Run and entering regedit. Click OK.
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\Messenger Server\Settings\LDAP.
3. Modify the registry strings to match your configuration, then exit the Registry Editor.

   The keys that can be modified include:

   • LDAP Mapping (DisplayName) is the name of the LDAP attribute you want to map to the DisplayName attribute in Ipswitch IM. If you are using Ipswitch IMail Server LDAP, change this value to CN.
   • LDAP Mapping (EMAIL) is the name of the LDAP attribute you want to map to the Email attribute in Ipswitch IM.
   • LDAP Mapping (Username) is the name of the LDAP attribute you want to map to the Username attribute in Ipswitch IM. If you are using Ipswitch IMail Server LDAP, change this value to UID.
   • LDAP Mapping (WebSite) is the name of the LDAP attribute you want to map to the WebSite attribute in Ipswitch IM.