Configuring the Authentication Service for LDAP


Configuring the Authentication Service for LDAP

The Symantec Product Authentication Service supports Lightweight Directory Access Protocol (LDAP) authentication through a plugin module, authldap, that ships with the Authentication Broker. authldap is a shared library based on RFC 2307. It can be configured to communicate with one LDAP directory server per security domain.

We recommend the following for deploying the Authentication Service with LDAP:

  • Use the schema specified in RFC 2307 when storing NIS data in LDAP directories

  • Configure to communicate to a single LDAP directory server per domain at any given time

  • Deploy with Secure Socket Layer (SSL) enabled because user name and password are unprotected during transmission

To configure the Authentication Service for use with LDAP

  1. Shut down the Symantec Product Authentication Service server.

  2. Locate the VRTSatLocal.conf file.

    This file resides in the following location:


    Windows—\Program Files\Veritas\Security\Authentication\systemprofile

  3. Edit the VRTSatLocal.conf file by doing the following:

  4. Restart the Authentication Service server. (You do not need to reboot the Authentication Service host.)

Terms of use for this information are found in Legal Notices.



Did this article answer your question or resolve your issue?


Did this article save you the trouble of contacting technical support?


How can we make this article more helpful?

Email Address (Optional)