Micro Focus Enterprise Test Server 2.3 Update 2 > Enterprise Server > Enterprise Server Security > Securing an Enterprise Server Installation > Configuring Security using Active Directory > Configuring Active Directory Users as Enterprise Server Administrators > Create ES Security Managers > LDAP Security Manager

LDAP Security Manager

You will need to create a security manager to get security rules from AD over LDAP, using the MLDAP ESM Module:

Select the Security tab and click Add.

Enter the following information:

Fieldname	Contents
Name	`LDAP`
Module Name	`mldap_esm`
Connection Path	The servername
Authorized ID	cn=AD-admin,cn=users,domain-DN, for example: `cn=administrator,cn=users,DC=dept,DC=mydom,DC=com`
Password	AD-password

In the Configuration Information field, type a number of directives to alter the default behaviour. Configure this for your particular LDAP repository. A typical configuration based on the sample configuration would be:

[LDAP]
base=[domain DN]
user class=user
user container=CN=Users
group container=CN=Enterprise Server User Groups,
  CN=Micro Focus,CN=Program Data
resource container=CN=Enterprise Server Resources,
  CN=Micro Focus,CN=Program Data

[Verify]
mode=bind
password type=AD

Click Add

Note that in a production environment you would not want to use your AD administrative ID for the security manager, since that would create a security risk. It is shown only for convenience here.

In production, you would use an ID that had only the necessary permission for the repository, based on your intended use. (Basic ES security functions only need read access to the user information and the folders under cn=Micro Focus,cn=Program Data. If you want to use MFDS to administer ES groups and resources under LDAP, you have to use an account that also has write permission to the MF program data objects.)