CLEO NED Active Directory Integration. Version 1.2.0




CLEO NED Active Directory Integration Manual v1.2.0

Copyright © 2010 Lancaster University Network Services Limited. All rights reserved.

Microsoft, Windows, and Active Directory are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Table of Contents

1 Introduction
2 Prerequisites
  2.1 Active Directory User Account
  2.2 DNS Entries
  2.3 Clock Synchronization
  2.4 Proxy Configuration
3 Dashboard Configuration
Appendix A Active Directory Integration Changes
  A.1 Version 1.2.0
  A.2 Version 1.0.0

1 Introduction

This manual describes how to integrate a CLEO NED with Microsoft® Active Directory®.

2 Prerequisites

Before configuring Active Directory® integration in Dashboard you will need to ensure that the prerequisites described below are met.

2.1 Active Directory User Account

In order for the NED to communicate with your Active Directory® system it needs a user account with specific, highly-restricted privileges. These steps may be followed to create the correct, minimally privileged account:

1. Log in to the AD server as an administrator user.
2. Create a normal new user. This user must not be in the administrators group. You may wish to consider not requiring password changes for this user, although you may require them if you wish to do so. Note that there is no warning mechanism in the NED or Dashboard system for alerting you to expired passwords; your AD integration will simply begin denying all requests if you forget to rotate your NED user's password before it expires.
3. Open the AD Users and Computers management console.
4. Ensure Advanced Features is enabled in the View menu.
5. Right click the Computers container, and select Properties. It is important that it is Computers itself, and not a sub-container, that is chosen, as the NED will only attempt to join the AD domain within the Computers container.
6. In the Properties dialog, choose the Security tab, and select Advanced.
7. When presented with the list of permission entries, click on Add... to add your new user to the list.
8. In the dialog presented, enter the user name you previously created, then click the Check Names button, check the results, and then click the OK button if the correct user was found.
9. Once the user has been added to the list, select it, then click Edit.... This is to restrict the permissions to only those required.
10. Clear all the existing permissions for your user, and then choose to allow only Create Computer Objects.
11. Confirm all the dialogs with OK and close the MMC.
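One way to confirm the result of steps 5 to 10 is to audit the access control entries the account holds on the Computers container. This is an added example, not part of the CLEO manual: the function name Test-NedJoinAcl, the account EXAMPLE\svc-ned and the domain DN are hypothetical, and it assumes the permission is stored as a CreateChild entry scoped to the computer object class.

```powershell
# Added example (not from the CLEO manual). Audits the ACEs granted directly to
# the NED account on CN=Computers. Account name and DN are placeholders.
# Live input, assuming the ActiveDirectory module is available:
#   Import-Module ActiveDirectory
#   $aces = (Get-Acl 'AD:\CN=Computers,DC=example,DC=local').Access
$ComputerClass = [guid]'bf967a86-0de6-11d0-a285-00aa003049e2'  # schemaIDGUID of the computer class

function Test-NedJoinAcl {
    param(
        [Parameter(Mandatory = $true)] [object[]] $Aces,     # entries from (Get-Acl ...).Access
        [Parameter(Mandatory = $true)] [string]   $Account   # DOMAIN\user of the NED account
    )
    # Only entries granted directly to the account are in scope.
    $mine = @($Aces | Where-Object { "$($_.IdentityReference)" -eq $Account })
    if ($mine.Count -eq 0) { "no ACE found for $Account"; return }
    foreach ($ace in $mine) {
        # The only acceptable entry: Allow, CreateChild, limited to computer objects.
        $ok = ("$($ace.AccessControlType)" -eq 'Allow') -and
              ("$($ace.ActiveDirectoryRights)" -eq 'CreateChild') -and
              ([guid]"$($ace.ObjectType)" -eq $ComputerClass)
        if (-not $ok) {
            "unexpected ACE: $($ace.AccessControlType) $($ace.ActiveDirectoryRights) objectType=$($ace.ObjectType)"
        }
    }
}

# Constructed sample: the intended entry plus a leftover full-control entry
# that step 10 should have cleared.
$sample = @(
    [pscustomobject]@{ IdentityReference = 'EXAMPLE\svc-ned'; AccessControlType = 'Allow'
                       ActiveDirectoryRights = 'CreateChild'
                       ObjectType = 'bf967a86-0de6-11d0-a285-00aa003049e2' },
    [pscustomobject]@{ IdentityReference = 'EXAMPLE\svc-ned'; AccessControlType = 'Allow'
                       ActiveDirectoryRights = 'GenericAll'
                       ObjectType = '00000000-0000-0000-0000-000000000000' }
)
$findings = @(Test-NedJoinAcl -Aces $sample -Account 'EXAMPLE\svc-ned')
if ($findings.Count) { $findings } else { 'OK: account holds only Create Computer Objects' }
```

With the constructed sample the script reports the GenericAll entry; an account set up exactly as described produces the OK line.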

2.2 DNS Entries

Active Directory integration in CLEO NED release 1.2 requires forward (A) and reverse (PTR) DNS entries within the Active Directory system. These must currently be created by the AD administrator by hand. The PTR record will require a reverse DNS zone for your curriculum network. This zone must exist before you follow the procedure below.

These steps may be followed to create the records:

1. Open the DNS management console.
2. Select your DNS server, and then Forward Lookup Zones.
3. You should see a container for your Windows domain; right click it and choose New Host (A)...
4. Under name, enter, in lower case, your site code, which can be obtained from Dashboard.
5. Under IP address, enter your NED's IP address, which can be obtained from Dashboard.
6. Ensure Create associated pointer (PTR) record is selected.
7. Click Add Host.
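After the records are created, the forward and reverse entries can be checked against each other. This is an added example, not part of the CLEO manual: Test-NedDnsPair, the site code abc123, the domain school.example and the address 192.0.2.10 are hypothetical, and the lookup answers are passed in so the comparison can be read and run without a live DNS server.

```powershell
# Added example (not from the CLEO manual). Checks that the A and PTR records
# created in section 2.2 agree with each other. All names and addresses below
# are constructed. Live answers can be gathered with:
#   $fwd = [System.Net.Dns]::GetHostAddresses('abc123.school.example') |
#          ForEach-Object { $_.IPAddressToString }
#   $rev = [System.Net.Dns]::GetHostEntry('192.0.2.10').HostName
function Test-NedDnsPair {
    param(
        [string]   $SiteCode,        # host name entered in step 4
        [string]   $Domain,          # Windows domain (the forward lookup zone)
        [string]   $NedIp,           # NED address entered in step 5
        [string[]] $ForwardAnswers,  # addresses returned by the A lookup
        [string[]] $ReverseAnswers   # names returned by the PTR lookup
    )
    $fqdn = "$SiteCode.$Domain"
    # Step 4 asks for the site code in lower case.
    if ($SiteCode -cne $SiteCode.ToLowerInvariant()) {
        "site code '$SiteCode' is not lower case"
    }
    # The A record must return the NED address and nothing else.
    if ($ForwardAnswers -notcontains $NedIp) {
        "A record for $fqdn does not return $NedIp"
    }
    $extra = @($ForwardAnswers | Where-Object { $_ -and $_ -ne $NedIp })
    if ($extra.Count) {
        "A record for $fqdn also returns: $($extra -join ', ')"
    }
    # The PTR record must map the address back to the same name.
    $names = @($ReverseAnswers | Where-Object { $_ } | ForEach-Object { $_.TrimEnd('.') })
    if ($names -notcontains $fqdn) {
        "PTR record for $NedIp does not return $fqdn"
    }
}

# Constructed case: the A record exists but the PTR box in step 6 was left unticked.
$findings = @(Test-NedDnsPair -SiteCode 'abc123' -Domain 'school.example' `
    -NedIp '192.0.2.10' -ForwardAnswers @('192.0.2.10') -ReverseAnswers @())
if ($findings.Count) { $findings } else { 'OK: forward and reverse records agree' }
```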

2.3 Clock Synchronization

Kerberos is used for authentication with Active Directory starting in CLEO NED 1.2. This requires that clocks be synchronized to within five minutes. The recommended way of doing this is to configure the Active Directory server to synchronize with the CLEO time service via NTP. The NTP server is ntp.cleo.net.uk.

Alternatively, the AD clock may be set to the same time as the NED's clock by hand. The time on the NED can be determined by viewing the NED status page, either the one on the NED directly, or the one provided via Dashboard. The NED automatically synchronizes its clock with ntp.cleo.net.uk, and should generally be very accurate.

2.4 Proxy Configuration

It is recommended that sites using AD integration do so via the proxy auto-configuration script provided by CLEO. If, for some reason, you are not using the CLEO PAC script you should ensure that the client computers on your network are configured to use the CLEO NED via the DNS name you set up under Section 2.2 [DNS Entries]. Attempting to use the NED as a proxy via IP address or an alternative DNS address while integrated with AD will cause user authentication to fail.
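The five-minute limit in Section 2.3 can be checked on the AD server by measuring its offset from ntp.cleo.net.uk, the source the NED itself synchronizes with. This is an added example, not part of the CLEO manual: Get-MaxClockOffset is a hypothetical helper that parses the output of the Windows w32tm stripchart command, and the sample output lines are constructed.

```powershell
# Added example (not from the CLEO manual). Reads the largest clock offset from
# "w32tm /stripchart" output and compares it with the limit from section 2.3.
# To point the AD server at the CLEO time service and collect live samples:
#   w32tm /config /manualpeerlist:ntp.cleo.net.uk /syncfromflags:manual /update
#   $lines = w32tm /stripchart /computer:ntp.cleo.net.uk /samples:3 /dataonly
$MaxSkewSeconds = 300   # "within five minutes"

function Get-MaxClockOffset {
    param([string[]] $StripchartLines)
    $offsets = @(foreach ($line in $StripchartLines) {
        # Sample lines look like "10:21:00, +00.0097516s"; error lines carry no offset.
        if ($line -match ',\s*([+-]\d+\.\d+)s\s*$') {
            [math]::Abs([double]::Parse($Matches[1], [cultureinfo]::InvariantCulture))
        }
    })
    if ($offsets.Count -eq 0) {
        throw 'no offset samples found; the NTP server may be unreachable'
    }
    ($offsets | Measure-Object -Maximum).Maximum
}

# Constructed sample output: one failed probe, then a clock about seven minutes out.
$sample = @(
    'Tracking ntp.cleo.net.uk [192.0.2.123:123].',
    'Collecting 3 samples.',
    'The current time is 01/06/2010 10:21:00.',
    '10:21:00, error: 0x800705B4',
    '10:21:02, -421.5130042s',
    '10:21:04, -421.5127718s'
)
$worst = Get-MaxClockOffset -StripchartLines $sample
if ($worst -ge $MaxSkewSeconds) {
    "FAIL: clock is $([math]::Round($worst, 1)) s from ntp.cleo.net.uk (limit $MaxSkewSeconds s)"
} else {
    "OK: worst offset $([math]::Round($worst, 3)) s"
}
```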

3 Dashboard Configuration

Once the prerequisites for Active Directory® integration have been met you can configure the integration in Dashboard. The fields in the Active Directory® configuration page should be filled out as follows:

NETBIOS Domain Name
    The domain name for pre-Windows 2000 compatibility. This may be found under Active Directory Users and Computers by clicking on the root node of the domain and selecting Properties.

Windows Domain
    The full Windows domain name, listed in Active Directory Users and Computers and the DNS settings you have modified above.

PDC NETBIOS Name
    The name of the main domain controller, as shown in the System Properties.

IP Address of Server
    This is usually the IP address of the domain controller as above; however, if you have separate DNS servers, it should be one of those addresses.

AD Username
    The user name of the user created in Section 2.1 [Active Directory User Account].

AD Password
    The password of the user created in Section 2.1 [Active Directory User Account].

Appendix A Active Directory Integration Changes

This section briefly describes the changes to Active Directory® integration by NED version number. Note that this section does not describe changes to this document, only changes to AD integration itself.

A.1 Version 1.2.0

Support for Windows 7 with Internet Explorer introduced the following requirements: forward and reverse DNS records within the domain for the NED; use of the domain DNS records when contacting the proxy; and clock synchronization to within five minutes.

A.2 Version 1.0.0

Initial release.
