For which third-party authentication methods must you specify a search base?

The third-party authentication method that requires specifying a search base is Active Directory. This is because when integrating with Active Directory for authentication, the Firebox needs to know the specific location within the directory from which to search for user accounts. The search base determines the starting point in the directory's hierarchy for the authentication queries made by the Firebox. This is essential for locating user information effectively and ensuring that authentication requests are directed appropriately within a potentially complex directory structure.

In contrast, other methods like RADIUS and SecurID typically do not require a search base because they rely on different authentication mechanisms, such as simple username and password verification or token-based systems. LDAP, while it also requires a directory service for user authentication, can sometimes operate without a specified search base when using default search parameters, depending on the configuration and directory structure in use.