Before enabling LDAP authentication in WCM, open your firewall to allow the specific IP address and port Finalsite provides, then ensure your LDAP Directory server is configured with the required connection details.
💡Quick answers
- What firewall change is needed for LDAP? Open your firewall to allow the specific IP address and port provided by Finalsite Support — then support will test the connection.
- What information do I need before configuring LDAP in WCM? Your LDAP Directory server address, port, bind credentials, and directory structure — the server must be set up and the firewall open before beginning WCM configuration.
- What if Finalsite hosts my website? You still need to open your firewall to the Finalsite-provided IP and port so the hosted server can reach your LDAP Directory.
If WCM hosts your website for you, you need to open your firewall and allow the specific IP Address and port provided to you in order to access the LDAP Directory server. Once opened, support will test the connectivity between the servers.
Before you can set up LDAP authentication on your Web Community Manager you need to set up your LDAP Directory server and have this information available.
- LDAP server or servers
- Domain Name or IP Address for your LDAP Directory server or servers
- Secure LDAP over SSL/TLS: When your directory server is set up for secure LDAP, a certificate was installed on it. For support servers to accept that certificate as legitimate, they need to trust the issuer of that certificate.
- If the issuer is a public authority (like verisign) then support likely has trust established.
- If the issuer is a Certificate Authority (CA) within your network (the most common scenario), then support needs a copy of the CA's own certificate to add it to our servers' list of trusted root authorities.
- If the issuer is the same server as the Active Directory (a self-signed certificate) then support simply needs a copy of that certificate to trust.
- Distinguished Name (DN). The DN indicates the unique starting point within your LDAP Directory or Directories where user credentials are located.
- The user name and password Web Community Manager should use when it accesses your LDAP Directory or Directories.
- User Name Format: Is the user name format used in Web Community Manager the same format used for user names in your LDAP Directory or Directories? If you have already created user accounts in your Web Community Manager website and they are not identical to that of your LDAP Directory or Directories, the authentication process results in the creation of duplicate user accounts within Web Community Manager. If not the same, we can run a correction script that changes the format of your Web Community Manager user names to that of your LDAP Directory.
- The DN for each LDAP Directory group you wish to associate with a Web Community Manager website group and the group to which it will be associated.
* Web Community Manager only supports secure LDAP connection protocol.