LDAP Authentication

The LDAP authentication wiki page needs lots of attention. Please feel free to update this page to make it better.

Note: The web proxy must be running in non-transparent (i.e., conventional) mode for authentication.

Authentication Method - LDAP



The Local authentication method (auth_param basic programm) offers ...

Global authentication settings


Number of authentication processes

Specifies the authentication process which can be started. If more authentication processes are needed, so there may be delays during authentication. To correct this behavior, it would help to set the value up (default value are 5).

Authentication cache TTL (in minutes)

Specifies the "time-to-live" value of the cached user data in minutes. This value is measured from the last request (default 60 min.) .

Limit of IP addresses per user

Here you can set how many simultaneous logins per user are permitted (default is empty <-> means any number).

Require authentication for unrestricted source addresses

Unrestricted IP addresses are also subject to local authentication. If this option is disabled, an authentication does not apply to unrestricted IPs.

Authentication realm prompt

Here, an individual created text can be edited which will be displayed during the authentication process.

Domains without authentication (one per line)

Defines domains which work also without authentication.


Common LDAP settings

Base DN


LDAP Server


Bind DN settings

Bind DN username


Bind DN password


Group based access control

Required group


Edit Page ‐ Yes, you can edit!

Older Revisions • November 5 at 4:07 pm • Jon