Collax Active Directory




Howto

This howto describes the configuration of a Collax server for joining a Windows Active Directory Service (ADS) domain. Furthermore, this howto focuses on how to set up the Active Directory proxy service. By merely joining the domain, the AD user only gains access to the file share services (FTP, Samba and, subject to restrictions, HTTP(S)) and Web proxy; if the AD proxy is made use of, most services of the Collax server can be used.

Requirements

Collax Business Server
Collax Platform Server
Collax Security Gateway
Working AD Server with configured domain name service (DNS)

Example Configuration

Collax Server
FQDN: cbs.internal.collax.com
DNS zone: internal.collax.com
Local network: 172.17.0.0/24
IP address: 172.17.0.1

Windows AD Server
FQDN: w2k8.internal.collax.com
DNS zone: internal.collax.com
IP address: 172.17.0.45
ADS domain: INTERNAL
Kerberos realm: INTERNAL.COLLAX.COM

Introduction

The first section describes how to configure the settings manually step by step. These settings can also be configured automatically by directly using the "Prepare for ADS" dialog. This is described in the second section "Join Domain". The second section also explains the configuration of the AD proxy.

If you want the Collax server to configure the basic settings automatically instead of configuring everything manually, go directly to section 2 "Join Domain".

2014 Collax GmbH Status: Final Version: 5.8 Date: November 12, 2014

1. Configuring the Collax Server

1.1 DNS Configuration

Under "Networking DNS General", enter the fully qualified domain name (FQDN) of the system and define the DNS suffix. Moreover, the DNS server must be activated.

The name resolution of the computers in the network takes place via the Windows DNS server that has already been configured. Here, the Collax server merely needs to be informed to use it as forwarder. For this purpose, create a forward and a reverse zone.

Enter the IP address of your AD Server under "Networking DNS Forward Zones". If a BDC is available and can also provide a DNS service, you can enter it here as secondary DNS server.

Enter the IP address of your AD Server under "Networking DNS Reverse Zones". Here, a BDC can also be entered as secondary DNS server, if you have one.

1.3 Windows-specific Settings

The configuration of the Windows-specific settings comprises the activation of the network functionality for Windows networks, the assignment of the domain name, and some optional settings.

Perform the activation under "System Usage Policy Authentication PDC/ADS". Simply activate the service and enter the domain name in the "Basic Settings" tab.

In the "Permissions" tab, select at least one group that contains the network in which the AD Server and the local clients are located.

In the "Options" tab, the items "WINS" and "Domain separator" are important. As the WINS server is normally the AD Server, the Collax server operates as a client in this example. Normally, "+" should be selected as domain separator. An underscore can cause problems with local groups whose name contains an underscore.

1.4 Kerberos

Configure Kerberos under "System Usage Policy Authentication Kerberos". The Kerberos realm must correspond to the name of the DNS domain of the AD Server. Enter the AD Server as KDC. If a BDC exists, it can also be specified here. Separate the servers with spaces.

1.5 Switching the User Database

Finally, the user database must be switched from "Local" to "ADS member" under "System Usage Policy Authentication PDC/ADS". If your AD server is a Windows 2008 Server, the FQDN of the AD Server must be entered under "Active Directory Server".

With the item "Allow users from other domains", you can determine whether users from other domains may also log in. For these users to be able to log in, a relationship of trust must exist between the two domains. For security reasons, this option should be used with care. Moreover, please note that the responsible domain controller will be contacted for the authentication, which can cause problems if the connection is slow.

1.6 Checking the Settings

The settings can be checked under "Services SMB/CIFS Server Prepare for ADS". The report in the upper section provides a list of the necessary settings and reports OK if the settings are OK.
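The DNS and Kerberos preconditions from sections 1.1, 1.4 and 2.2 (A and PTR records for both servers, realm matching the AD Server's DNS domain) can also be checked from any host before the join. The following Python check is an added example, not part of the Collax product or this howto; the names prejoin_check and HOWTO_CFG are hypothetical, and it assumes that a "corresponding" realm is the upper-cased DNS domain, as in the example configuration.

```python
import socket

# Example values from this howto's "Example Configuration".
HOWTO_CFG = {
    "realm": "INTERNAL.COLLAX.COM",
    "collax": ("cbs.internal.collax.com", "172.17.0.1"),
    "ad": ("w2k8.internal.collax.com", "172.17.0.45"),
}

def dns_lookup(fqdn):
    """Forward lookup (A record) through the system resolver."""
    return socket.gethostbyname(fqdn)

def dns_reverse(ip):
    """Reverse lookup (PTR record) through the system resolver."""
    return socket.gethostbyaddr(ip)[0]

def prejoin_check(cfg, lookup=dns_lookup, reverse=dns_reverse):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    # 1.4: the realm must correspond to the DNS domain of the AD server.
    # Assumption: "correspond" means the upper-cased domain, as in the example.
    ad_domain = cfg["ad"][0].split(".", 1)[1]
    if cfg["realm"] != ad_domain.upper():
        problems.append(f"realm {cfg['realm']} != {ad_domain.upper()}")
    for role in ("collax", "ad"):
        fqdn, ip = cfg[role]
        # 1.1 / 2.2: the A record and the PTR record must exist and agree.
        try:
            if lookup(fqdn) != ip:
                problems.append(f"{role}: A record for {fqdn} is not {ip}")
        except OSError as exc:
            problems.append(f"{role}: no A record for {fqdn} ({exc})")
        try:
            name = reverse(ip).rstrip(".").lower()
            if name != fqdn.lower():
                problems.append(f"{role}: PTR for {ip} is {name}, not {fqdn}")
        except OSError as exc:
            problems.append(f"{role}: no PTR record for {ip} ({exc})")
    return problems

if __name__ == "__main__":
    # Live run against the resolver configured on this machine.
    for line in prejoin_check(HOWTO_CFG) or ["all checks passed"]:
        print(line)
```

The lookup and reverse parameters accept replacement resolver functions, so the same check can be run against a zone export instead of live DNS.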

2. Automatic Configuration of the Settings

If the basic settings are to be configured automatically, enter the details of your "AD Server" in the section "ADS Settings" at the top. Then click "Save".

Please note that configuration settings will automatically be overwritten on the basis of the specified details. This affects the settings for Kerberos, DNS, authentication, and Windows support. The settings for networks, network links, and groups will not be modified.

If your AD Server is a Windows 2008 Server, enter the FQDN of the AD Server as "Active Directory Server" under "System Usage Policy Authentication PDC/ADS" after saving this item.

2.1 Join Domain

You can join the domain under "System System Operation Authentication Join Domain". Be sure to activate the previously configured settings.

To join the domain, use an administrator account of the AD Server that has the required permissions for creating a so-called machine account on the AD Server. Then click "Log on". The successful joining will be confirmed with the status message "Joined".

2.2 Special Case Windows 2008 Server

To join a domain that is configured on a Windows 2008 Server, a change needs to be made on the Windows server. Start the Group Policy Editor on the W2K8. In the Default_DC_Policy under "Policies --> Administrative Templates --> Network Logon", set the item "Allow cryptography algorithms compatible with Windows NT 4.0" to "Enabled". Because this is a domain controller policy, it lets the domain controller accept the older algorithms from any client, not only from the Collax server.

In the DNS of the W2K8, manually generate a host for the Collax server (A) and a PTR.

2.3 Configuration of the AD Proxy

The AD proxy can only be configured after successfully joining the domain. Configure the AD proxy settings under "System Usage Policy Authentication PDC/ADS". To use the AD proxy, you merely need an AD user who has read permissions for the LDAP directory on the AD Server.

Subsequently, activate the configuration. Please note that depending on the number of users, the synchronization with the AD Server can take some time. The Collax server now is a member of the Active Directory domain.

You can now make AD groups available to the local policy management. The group will subsequently appear in the "Groups" menu. This dialog is located under "System Usage Policy Policies Importable Groups".

This dialog displays groups that can be used in the user management of an Active Directory. The listed groups can be integrated in the local policies after these have been included in the management by means of the action "Add to Local Groups". The users of the AD groups will continue to be managed via the Active Directory and are not part of the local system. Please note that only groups that also contain users in Active Directory will be listed.

The users and groups are regularly synchronized every minute. Sometimes, however, a change in Active Directory can take several minutes until Windows has also published all changes.