In the console tree of ISA Server Management, click

In the details pane, click Define LDAP and RADIUS

On the LDAP Servers tab, click Add to open the
Add LDAP Server Set dialog box.

Provide a name for the LDAP server set.

Click Add to add each LDAP server name, description, and
time-out. Time-out is the amount of time (in seconds) that ISA
Server tries to obtain responses from the LDAP server before trying
the next LDAP server in the ordered list. Note that you can change
the order in which the servers are accessed by using the UP ARROW
and DOWN ARROW keys.

In Domain, provide the fully qualified domain name
(FQDN) for Active Directory. Note that this is the domain in which
the user accounts are defined, and not the domain to which ISA
Server is joined.

Select Use Global Catalog if you are using a global

Select Connect LDAP servers over secure connection if
you want to encrypt the LDAP communication (use the LDAPS

You can type the credentials used to connect to Active
Directory for verifying user account status and changing account
passwords. This enables you to have password management
functionality for HTML form authentication. For more information,

Click OK to close the Add LDAP Server Set dialog

In Login Expression, click New to add a login
expression. A login expression allows you to assign an LDAP server
set to a specific group of users. For example, you can assign one
LDAP server set to the users FABRIKAM\*, and another LDAP
server set to the users CONTOSO\*. The login expressions are
queried by ISA Server in the listed order. You can change the order
using the UP ARROW and DOWN ARROW keys.
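
The ordered matching of login expressions described in the last step, modelled as an added example (not ISA Server code and not part of the original procedure). It assumes first-match-wins, case-insensitive matching with `*` as the only wildcard; the server set names and the catch-all `*` entry are constructed. The `shadowed` check flags an expression that can never be reached because an earlier, broader one already covers it, which would send those users to the wrong LDAP server set.

```python
import re

# Constructed sample: ordered (login expression, LDAP server set) pairs.
# The server set names and the catch-all entry are hypothetical.
LOGIN_EXPRESSIONS = [
    ("FABRIKAM\\*", "Fabrikam-LDAP"),
    ("CONTOSO\\*", "Contoso-LDAP"),
    ("*", "Default-LDAP"),
]


def _compile(expr):
    # Assumption: '*' is the only wildcard and matching ignores case.
    # Everything else, including the backslash, is matched literally.
    literal_parts = [re.escape(part) for part in expr.split("*")]
    return re.compile(".*".join(literal_parts), re.IGNORECASE)


def resolve(login, expressions):
    """Return the server set of the first expression that matches login."""
    for expr, server_set in expressions:
        if _compile(expr).fullmatch(login):
            return server_set
    return None  # no expression matched this login


def shadowed(expressions):
    """Return (later, earlier) pairs where 'earlier' covers all of 'later'.

    Sufficient test: if the earlier pattern matches the later expression's
    own text, every '*' in the later one falls inside a wildcard of the
    earlier one, so the later expression is never consulted.
    """
    hits = []
    for i, (later, _) in enumerate(expressions):
        for earlier, _ in expressions[:i]:
            if _compile(earlier).fullmatch(later):
                hits.append((later, earlier))
                break
    return hits


if __name__ == "__main__":
    for login in ("fabrikam\\alice", "CONTOSO\\bob", "NORTHWIND\\carol"):
        print(login, "->", resolve(login, LOGIN_EXPRESSIONS))
    # Same entries with the catch-all moved to the top: every login now
    # resolves to Default-LDAP and the other two expressions are dead.
    misordered = [LOGIN_EXPRESSIONS[2]] + LOGIN_EXPRESSIONS[:2]
    print("shadowed:", shadowed(misordered))
```
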