The Enoten Range Management tool Ranger requires gathering of Active Directory information using LDAP to provide functionality within the product. The bridge application is the same as the standard UDM Pro Bridge, so we recommend using a server with specifications similar to those found in the UDM Pro Bridge Guide.
Recommended Hardware
AD Users | UDM Bridge Server CPU | UDM Bridge Server Memory | UDM Bridge Server Free Disk Space |
---|---|---|---|
< 10,000 | 4 @ 3.2GHz | 4GB | 100GB |
< 20,000 | 4 @ 3.2GHz | 8GB | 150GB |
> 20,000 | 8 @ 3.2GHz | 8GB | 200GB |
If you have more than 10,000 AD users, a separate bridge should be dedicated to AD sync and not used for other functionality.
Follow the UDM Pro Bridge Installation guide to install and authorise the bridge.
Once the bridge is installed, go to the settings page and complete the Active Directory Sync settings. In most cases you do not need to complete all the fields; the defaults shown in grey will suffice. The minimum required fields are the Server Host, Bind Username, Bind Password and Syncing Bridge. Note: The syncing bridge is not required when you are using the on-premise UDM server.
Setting | Description |
---|---|
Server Host | FQDN or IP address of an Active Directory Server or Global Catalog |
Server Port | The port used to connect to the server to query AD. For standard LDAP queries use port 389, or port 636 when using SSL. If the server is a Global Catalog server you can use port 3268, or port 3269 when using SSL. |
Use SSL | Enable SSL connection to the AD server. When this is enabled you will also be given the opportunity to include a base64 encoded certificate for the connection. This is only needed if the AD server is using a self-signed certificate or one signed by an unrecognised CA. |
Bind Username | If authentication is required to perform the LDAP query enter the username |
Bind Password | If authentication is required to perform the LDAP query enter the password for the Bind account |
Search Root | The search root defines the location to start synchronizing from. If all the entries that need to be synchronized are under a separate OU, you should use this as the root. By using a refined search you will limit the number of entries retrieved, which will enhance performance. |
User Query | This defines the query to be used to find users in your AD. This normally doesn't need to be changed. |
Group Query | This defines the query to be used to find groups in your AD. This normally doesn't need to be changed. |
Contact Query | This defines the query to be used to find contacts in your AD. This normally doesn't need to be changed. |
Syncing Bridge | Select the bridge you will use for performing the AD sync. Note: If you are using the on-premise version of the server and have fewer than 50,000 users you do not need to use a bridge. |
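
A pre-flight check of the settings above, as an added example (not part of the product or its documentation). It flags a port that does not match the Use SSL choice, a bind password that would be sent without TLS, and a Search Root that covers the whole domain. The dict layout, finding codes and sample values are assumptions, and the cleartext finding assumes the bridge performs an LDAP simple bind.

```python
# Added example: setting names come from the table above; the dict layout and
# finding codes are hypothetical and not a Ranger or UDM file format.
PORTS = {389: False, 636: True, 3268: False, 3269: True}  # port -> expects SSL

def split_dn(dn):
    """Split a distinguished name on commas that are not backslash-escaped."""
    parts, cur, esc = [], "", False
    for ch in dn:
        if ch == "," and not esc:
            parts.append(cur.strip())
            cur = ""
            continue
        cur += ch
        esc = (ch == "\\") and not esc  # a backslash escapes only the next char
    parts.append(cur.strip())
    return [p for p in parts if p]

def review(settings):
    """Return (code, message) findings for one set of AD sync settings."""
    out = []
    port, ssl_on = settings["Server Port"], settings["Use SSL"]
    if port not in PORTS:
        out.append(("PORT_UNKNOWN", f"port {port} is not 389/636/3268/3269"))
    elif PORTS[port] != ssl_on:
        out.append(("PORT_SSL_MISMATCH", f"port {port} with Use SSL={ssl_on}"))
    # Assumption: simple bind, so without SSL the password is sent in cleartext.
    if settings.get("Bind Password") and not ssl_on:
        out.append(("CLEARTEXT_BIND", "bind password would be sent without TLS"))
    rdns = split_dn(settings.get("Search Root", ""))
    if any("=" not in r for r in rdns):
        out.append(("ROOT_INVALID", "Search Root is not a well-formed DN"))
    elif rdns and all(r.upper().startswith("DC=") for r in rdns):
        out.append(("ROOT_WHOLE_DOMAIN", "an OU root would retrieve fewer entries"))
    return out

# Constructed sample values, not taken from any real environment.
WEAK = {"Server Host": "dc01.example.test", "Server Port": 389, "Use SSL": False,
        "Bind Username": "svc-sync", "Bind Password": "placeholder",
        "Search Root": "DC=example,DC=test"}
HARDENED = {**WEAK, "Server Port": 636, "Use SSL": True,
            "Search Root": r"OU=Staff\, Permanent,DC=example,DC=test"}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, [code for code, _ in review(cfg)] or "no findings")
```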