variable, enter the distinguished name of an LDAP user with authority to connect to the LDAP server and conduct a search for the PowerExchange user. Enclose the
value in double quotation marks (").
If you do not define the LDAP_BIND_DN statement or the LDAP_SASL_MECH statement, the LDAP client does not attempt to perform a bind and instead performs unauthenticated operations.
If you specify an empty string in the LDAP_BIND_DN statement, the LDAP client requests an anonymous bind. An anonymous bind is acceptable if the LDAP server has been configured to allow anonymous access.
If you configure LDAP TLS to require client certification and specify a SASL mechanism of EXTERNAL, the LDAP_BIND_DN statement is ignored and the identity of the search user is determined from the client certificate and the certificate mapping of the LDAP server. For more information, see
LDAP Transport Layer Security.