To connect to an LDAP server, you have to do some configuration for the connection first - all
the according options are shown in the LDAP Connections dialog:
All the configuration you need for connecting to an LDAP server is done in the panel area on the right side of this dialog. You don't have to care about the additional tabs Advanced, Attribute Filter and Columns. you won't need in in your first connection configuration. The following list shows you the mandatory initial settings for a LDAP connection on the Server tab:
LDAP server address:
The Server field can be an IP address or a network name of an LDAP server. If you are not sure about the TCP Port number of the server you want to connect to, choose the standard port 389. If your server allows only connections which are protected by SSL (Secure Socket Layer) encryption, then you have to activate the according checkbox.
LEX can try to detect some LDAP servers for you (Option Detect). The automatic detection mechanism finds NetWare eDirectory Servers when they are configured as LDAP servers and when your workstation is somehow connected to them with an Novell Client for Windows. The automatic detection mechanism also finds Active Directory Domain Controllers when your workstation is member in an AD domain, or when there is any DNS information available about AD specific SRV records in any DNS zone which is known to your workstation (use IPCONFIG /ALL to see what DNS domains are searched by your workstation). After all, you can enter any domain name in the Server field and the detection mechanism tries to retrieve some DC information in the given domain name. Sometimes the AD DC detection over DNS doesn't retrieve any information, depending on how the according DNS servers are requestable for service records (SRV).
The RootDSE button shows you the RootDSE entry if some address is given in the Server field and if the server is reachable on the given LDAP Port. In the RootDSE entry, every LDAP server announces some information about itself.
User / Password:
You have to authenticate somehow to the LDAP server. This authentication process is called 'bind' operation in the world of LDAP. So you have several different choices here:
LDAP Base DN:
This is the LDAP base from which LEX displays the LDAP hierarchy of the chosen server. You can enter any kind of container object which you want to be the top level of the LDAP structure you plan to access with LEX. The LDAP base has to be an LDAP distinguished name, like 'ou=container1,ou=container2,o=organization,c=country '. If you want to see an entire namespace in an LDAP server, just enter the top level hierarchy, for an Active Directory domain named 'ldapexplorer.com' this would look like 'dn=ldapexplorer,dc=com'. Many LDAP server provide public information about the namespaces they hold in their database(s), you can fetch this distinguished names with the option Fetch.
If you have entered all the relevant information to open your first connection to an LDAP server
with the Explore option, you could choose to save this connection profile,
so that you can launch this LDAP connection very quickly the next time you use LEX. Just choose Save for
this and choose a name for the connection configuration - when you want to use this connection
in the future, you just have to double-click the appropriate entry in the list on the left side:
If you choose to save the connection profile together with the user password, please note that the connection information is stored on your hard disk as a Rijndael encrypted file (AES Advanced Encryption Standard) in your Profile and Filter Storage Path. So if a user password is contained in the profile, it is very well protected against disclosure.
Another effect of saving the connection profile: Next time you start LEX, the last used connection profile connects automatically. This behavior is set by default and can be changed with Tools - Options - General.