HOW TO: Enable Directory Synchronization - Symantec Encryption Management Server

Article:HOWTO42094  |  Created: 2009-10-01  |  Updated: 2013-11-04  |  Article URL http://www.symantec.com/docs/HOWTO42094
Article Type
How To

Product(s)

Subject


This article provides step-by-step instructions how to enable and configure Directory Synchronization on Symantec Encryption Management Server (previously PGP Universal Server).

Directory Synchronization allows you to assign different user polices to specific internal user groups.  When using Directory Synchronization, Internal Users come only from the directory you specify when you enable Directory Synchronization. During enrollment, if a user exists in the directory, they are added to the system as internal users and placed in the corresponding policy for their user account.  

Symantec Encryption Management Server (SEMS) supports LDAPv2, LDAPv3, and LDAPS. You can use any of a number of directories with Symantec Encryption Management Server, although directories that more closely conform to the OpenLDAP or X.500 standards work best.

Enable LDAP Directory Synchronization

  1. Log into the SEMS administrative interface.
  2. Click Consumers and then select Directory Synchronization.
  3. Click Enable.
  4. Below LDAP Directories, click Add LDAP Directory.
  5. Type a Name and select a Type of LDAP directory.

The LDAP directory types include:

  • Active Directory
  • OpenLDAP (RFC 1274)
  1. Type an appropriate value in the Bind DN field. This value is used to initially bind (or log in) to the directory server. Binding determines the permission granted for the duration of a connection.
  2. Enter a Passphrase for the user value.
  3. Enter a Hostname for your LDAP server.
  4. Enter a Port for your LDAP server. By default the LDAP port is 389.

    Note: Click the Test Connection button to verify you can successfully connect to the LDAP server.
     
  5. Base Distinguished Names - Enter or browse for a Base DN for your domain.
  6. Consumer Matching Rules - SEMS can match a consumer's enrollment username to this LDAP Directory using a regular expression.
  7. Click Save.


Legacy ID



1682


Article URL http://www.symantec.com/docs/HOWTO42094


Terms of use for this information are found in Legal Notices