Adding a Directory Service to Faspex

  1. Go to Server > Authentication > Directory Services.
  2. To configure your directory service to work with IBM Aspera Faspex, check Enable Directory Service and enter your configuration details (example displayed below).
    Option Description
    Directory Service Name Your name for this directory service.
    Enable Directory Service Activate this directory service for Faspex.
    Directory Service Type Select from one of the following options:
    • 389/Red Hat/Fedora Directory Server
    • Apple Open Directory
    • Microsoft Active Directory (AD)
    Use secure mode (TLS)
    Note: Aspera highly recommends turning this setting on to secure your server.
    By default, LDAP traffic is transmitted unsecured. You can make LDAP traffic confidential and secure by enabling TLS. The port number will automatically change to 636 when TLS is enabled.
    Server The directory server's address.
    Port The directory server's port number. By default, unsecured LDAP uses port 389, unsecured global catalog uses port 3268, and global catalog over SSL uses port 3269. If TLS is enabled, then the port number automatically changes to 636.
    Treebase The search treebase (for example, dc=myCompany,dc=com for
    Username Attribute The attribute for the type of login name for users of this directory service. For example, for Microsoft Active Directory, the mail attribute specifies the DS user login should be an email address, and samaccountname specifies it should be a pre-Windows 2000 login name.
    Login Method
    • Anonymous
    • Provide Credentials

    If Provide Credentials is selected, then you are required to input your directory service login and password below.

    Login Directory service user name, which is typically a Distinguished Name (DN) (for example, CN=Admin,CN=Users,DC=myCompany,DC=com).
    Password Directory service password.

    When finished, click Save and Test. If Faspex successfully connects to your directory server, it displays the following information:

    Connected: YES
    Authenticated: YES
    Note: If the same user (identified by the username attribute) is a member of more than one directory, the user is only imported once from the first sync.  The duplicated user from the second directory is not imported, and a warning is logged in the sync history.