The options described in this document require EZproxy 3.2a GA (2005-03-28) or later.
EZproxy has a built-in tool for developing your LDAP configuration. To access this tool, start with EZproxy Administration for information on how to login as an administrator. Once you are at the EZproxy administration page, select "Test LDAP" then use the following procedure to determine the needed configuration.
In the Host field, enter the name of your Active Directory server. If you have a forest with multiple domains, enter the name of one of the domain controllers that holds the user information against which you want to authenticate.
Do not place ldap:// or ldaps:// in front of the host.
If your server is on a non-standard port, add a colon (:) and the port number at the end of the name.
Check "Disable Referral Chasing."
Click "find search base".
In the majority of Active Directory installations, anonymous search is disabled. For production use, you will need to create an account and assign it to EZproxy to use for searching the directory. The account does not require special privileges, but only the ability to search the directory and read attributes you want to test.For initial testing, you can use your own Active Directory account. If you know your accounts complete, distinguished name (e.g., cn=someuser,cn=Users,dc=yourlib,dc=org), you can use this format. If you do not know the complete form, you can look up your account in Active Directory Users and Computers. Right click your account and select properties. Click on the Account tab. For the Bind User, enter the username that appears under the "User logon name" , followed by @ and the domain name that appears to its right (e.g., email@example.com). For the Bind Password, enter your password.
Leave the Search Filter as "(objectClass=person)".
In the Search Attribute box, the most common choice for Active Directory is sAMAccountName.
In Test User, enter just the user part of your account (e.g., someuser).
Once you have the basic entry working, refer to LDAP Authentication for information on additional tests based on group membership and attributes assigned to accounts.