Lightweight Directory Access Protocol (LDAP) is an application protocol for querying and modifying directory services running over TCP/IP. This can be used to validate a LOGON password against the contents of an LDAP server instead of the USER table. A username and password are sent to an LDAP server for authentication which produces a response of either "accepted" or "rejected".
The LDAP userid, typically in the format 'cn=Joe Blow,ou=organisation unit', will usually be different from the LOGON userid, so it can be stored in the external_id field on the USER record.
Depending on the particular LDAP implementation the passwords may either be static, or supplied by a One Time Password (OTP) generator.
When this option is turned on in the Menu Control Data it applies to all users EXCEPT the following:
For details on how to turn this option on please refer to FAQ 114.
