To configure Windows Authentication - NTLMv2 with LDAP authorization, first enter the LDAP settings and then the authentication settings for Single Sign-on through Windows.
Enter the LDAP Server information:
and — or — and
Enter the, and choose or .
Enter theused to authenticate end users.
If desired, clickto set a reminder.
Continue with the. Enter the required settings:
HINT:To obtain the NetBIOS name for a domain on Windows Server 2000 or higher:
Open the Active Directory domain.msc).snap-in (
In the console tree, right-click the domain and select.
The NetBIOS name.(pre-Windows 2000) field displays the
On Windows Server 2008 or higher, you can also use the Active Directory module for Windows PowerShell to find the NetBIOS name of a domain in Active Directory Domain Services.
On Windows Server 2008 only, if the Active Directory module is not available, you may need to install it first, using this PowerShell command:
This example demonstrates how to find the NetBIOS name of the domain called mydomain.com:
Get-ADDomain -Identity mydomain.com | findstr /I NetBIOSName
A computer account in the Active Directory domain. A computer account is different than a user account. The computer account should not be associated with an actual physical or virtual computer.
To specify the Computer account for servicing
A computer account's syntax is the pre-Windows 2000 computer name, followed by a $ sign, followed by the @ symbol, and then the DNS domain name.
Syntax: <Computer name (pre-Windows 2000)>$@<DNS domain name>
For example, if the Computer name is ReflServiceAccount, the pre-Windows 2000 Computer name is REFLSERVICEACCO and the computer account is: REFLSERVICEACCOfirstname.lastname@example.org
If the password of the computer account is not already known, it must be explicitly reset in Active Directory. You can reset a computer account’s password using a simple VBScript, or the ADSI Edit tool.
This action checks the NTLMv2 connection to be sure the server is listening and is in fact a domain controller. The test attempts to authenticate to the server using the IP address or alias for the domain controller, the NetBIOS hostname, computer account, and password.
Then, the LDAP connection is tested.
Note: The Domain is not tested and could still cause an error later in the authentication process. If the result is Success, click OK and continue with your setup.
Iffails, the message specifies whether check the NTLM or the LDAP server connection failed. Check the logs and resolve the issue before continuing.
: For the , accept the default (5), or change the number.
To add another server, see Adding Another Server for Windows Authentication NTLMv2.