LDAP Server Sets
The LDAP Server Sets interface allows administrators to configure server set settings.
An active LDAP Server must be assigned to a server set. The default LDAP Server will initially display under Available Servers and it must be moved into Assigned Servers. The arrow keys can be used to move the LDAP Server.
Note
All servers within the server set should hold read-write replicas of the same Directory Information Tree (DIT).
 |
The Advanced Options to configure the LDAP Server Set can be viewed by clicking the Advanced Options toggle.
Field Name | Description |
|---|---|
Reference ID | The RapidIdentity internal id of the Server Set. In the legacy UI, this field was called "ID". |
Initial Connections | This setting is used for LDAP connection pooling and is the specified number of connections that are opened when RapidIdentity Portal starts. |
Max Connections | This setting is used for LDAP connection pooling and is the maximum number of connections that RapidIdentity Portal will establish with the LDAP server at any given time. |
Authentication Pool Initial Connections | This setting is used to specify the initial size of the authentication LDAP connection pool. Default = 4. |
Authentication Pool Max Connections | This setting is used to specify the maximum size of the authentication LDAP connection pool. Default = 20. |
Deference Policy | This setting is used to specify the alias deference policy for LDAP searches. Default = NEVER. |
Max Search Results | This setting is used to specify the maximum number of results to return for general purpose searches. This is meant to keep rogue requests from overwhelming the server. Default = 1000. |
Search Time Limit | This setting is used to specify the maximum LDAP search time limit. Default = 30 seconds. |
Capture Search Stats | This setting is used to specify that the server should request search statistics from Active Directory when performing searches. This only works for Active Directory servers and the results will be printed in the logs. This should not be on for general purposes but may be helpful in tracking down why some searches are slow. Default = false. See this page for more info: LDAP_SERVER_GET_STATS_OID. |
Domain Scoped | This setting is used to specify that LDAP requests contain the LDAP_SERVER_DOMAIN_SCOPE_OID control which instructs the LDAP server to not generate any referrals when completing a request. |
Use Active Directory Fast Bind | This setting is used to specify that Active Directory Fast Bind is used for authenticating user logins. |