Integrating Webalo with LDAP or Active Directory

Webalo can be integrated with an external directory to identify valid Webalo users and then authenticate them to the Webalo appliance. Integration with both LDAP and Active Directory is supported.

1) Configuring LDAP / Active Directory integration in Webalo

a) Gather the information needed to configure Webalo for use with the external directory (the fields are listed in step d below).
b) Go to the Webalo Appliance Administration Interface (AAI) and log in as the appliance admin.
c) Click External Directory Configuration in the left-hand pane and fill out the External Directory Configuration form:
d) The following data is needed for the External Directory Configuration form. You will need to select or edit the value of each field; the examples are for Active Directory and the correct values depend on how LDAP or Active Directory is set up in your organization.

i) External Directory Type: Select one of Active Directory, LDAP, None.

ii) Display in Agenda as: Specify a name for your external directory that will be displayed under People and Access in the Administrative Website (e.g., Active Directory 1).

iii) Directory URL: Specify the URL for LDAP requests (e.g., LDAP://domain.yourcompany.com).

iv) User Search Base Distinguished Name (DN): The Search Base should be set to a level that includes all potential Webalo users, e.g., CN=Users,DC=domain,DC=yourcompany,DC=com or OU=ActiveUsers,DC=domain,DC=yourcompany,DC=com. Accounts outside the Search Base are not found, whatever the Search Filter says.

v) Search Filter (optional): This filter narrows the query below the Search Base to determine which accounts count as Webalo users, typically by membership in a dedicated Webalo group. For example:

(&(objectclass=user)(memberof=cn=webalouniversalgroup,cn=users,dc=domain,dc=yourcompany,dc=com))

or

(&(objectclass=user)(memberof=cn=webalouniversalgroup,ou=security Groups,OU=Mobile,DC=domain,DC=yourcompany,DC=com))

or, to also match users who belong to the Webalo group only through nested groups, using Active Directory's transitive-membership matching rule (OID 1.2.840.113556.1.4.1941, LDAP_MATCHING_RULE_IN_CHAIN):

(&(objectclass=user)(memberof:1.2.840.113556.1.4.1941:=cn=WebaloUniversalGroup,CN=Users,DC=domain,DC=yourcompany,DC=com))

A plain memberof= test matches direct members of the group only. Check that the parentheses balance; a filter with a missing closing parenthesis is invalid and returns no users.
vi) Directory Authentication: Select Anonymous or Basic. With Basic, Webalo binds to the directory as the Directory Admin DN below using the Directory Admin Password; with Anonymous, the directory must allow unauthenticated searches of the Search Base. Note that a Basic bind over a plain LDAP:// URL sends the Directory Admin password over the network in clear text; use LDAP over TLS (an ldaps:// Directory URL) where your directory and appliance support it.

vii) Directory Admin DN: e.g., CN=WebaloProcessUser,CN=Users,DC=domain,DC=yourcompany,DC=com. You will need to create this account ahead of time. A lightly permissioned Domain User is sufficient for the task: create, e.g., WebaloProcessUser as a standard user who is a member of Domain Users only (no administrative groups). Open the account's properties, select Extensions > Security, select the SELF principal, and set the permissions for WebaloProcessUser to:
o Read: all Read items listed should be checked.
o Allowed to Authenticate: must be checked.
o Change password: must be checked.
o All other items remain unchecked.
Treat this account as a service account: give it a long, random password that is not reused elsewhere, since the appliance keeps the password in its External Directory Configuration.

viii) Directory Admin Password: Specify the password for the Directory Admin (e.g., WebaloProcessUser) referred to in the previous step.

ix) Full Name Attribute: Specify the AD attribute (e.g., name) to be used for the full name in Webalo. [Required]

x) Email Attribute: Specify the AD attribute (e.g., mail) to be used for the email address in Webalo. [Required]

xi) Login ID Attribute: Specify the AD attribute to be used as the Login ID in Webalo (e.g., userprincipalname, which is recommended; an alternative such as samaccountname could be used instead). [Required] Note that the name preservation rules in section 3 assume userprincipalname.

e) Select Save.
2) Synchronizing users in Webalo with the Active Directory Webalo group

a) We recommend that the administrator take a snapshot of the Webalo virtual appliance prior to LDAP/AD synchronization, particularly if there are large numbers of users already in Webalo, or if LDAP/AD and Webalo naming conventions differ.
b) Without logging out of the AAI, open a new browser and go to the Agenda at https://yourcompanyhost/md/login. Log in as Webalo System Administrator and select Manage Accounts.
c) Select People and Access. A new option, Synchronize with YourExtDir, is available, where YourExtDir is the value you specified in the Display in Agenda field of the External Directory Configuration form.
d) Select the Synchronize with YourExtDir option.
e) The Review all Users in Account page comes up, detailing all the users in your account and their groups.
f) Press the Synchronize with Active Directory button and the synchronization process starts. When it completes, you will see a list of deleted users, added users, and problem users. If the existing names in Webalo conform to the name preservation rules in section 3, all existing users and their group assignments are preserved.
g) If a Problem Encountered message appears, either the Default Login ID Suffix was not configured in the system administration pages, or there is an error in the External Directory Configuration form. To correct the former, review the document "Setting up Default Login ID Suffix for Active Directory and LDAP" in the documents section of support.webalo.com. Otherwise, review your entries in the External Directory Configuration form and correct any errors.
3) Preserving Existing Login Names and Groups during Active Directory Integration

Synchronization with LDAP/AD preserves previously configured Webalo usernames and group assignments if the following conditions are true:

a) If the users are set up so that their login IDs agree with Active Directory, then the users, and their domain and group assignments, are preserved. Note that login IDs are case sensitive: if a name is in capitals in AD and in lower case in Webalo, the login IDs will not correspond.
b) "Login IDs agree" technically means:
i) that the full Webalo login IDs of the existing users are of the form bjones%mydomain.com (note the "%"), where "bjones" is what the user enters on his/her device (the User Logon Name in LDAP/AD terminology) and "mydomain.com" is what has been configured as the Webalo appliance-wide Default Login ID Suffix (set in the System admin web pages);
ii) AND that those login IDs, with the % replaced by @, are the same as the UPNs of the users in Active Directory.
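The rule in section 3 (login ID user%suffix corresponds to UPN user@suffix, compared case-sensitively, with suffix equal to the Default Login ID Suffix) can be checked before running the synchronization in section 2, which is when the snapshot advice in step 2a matters. The following Python script is an added example, not Webalo's code: it classifies a constructed list of existing Webalo login IDs against a constructed list of AD userPrincipalName values and reports which would be preserved, which would not match and why, and which directory accounts would arrive as new Webalo users. The sample users, groups and suffix are assumed data, and the preserved/problem/added classification is the script's own reading of the rules above, not Webalo's internal algorithm.

```python
"""Pre-synchronization check of existing Webalo login IDs against AD UPNs, following the
rules in section 3. Added example, not Webalo code; the classification is this script's own."""

DEFAULT_LOGIN_ID_SUFFIX = "mydomain.com"  # assumed appliance-wide Default Login ID Suffix

# Constructed sample data (assumed, not real accounts): Webalo login ID -> its Webalo groups,
# and the userPrincipalName values the directory returns for the Webalo group.
WEBALO_USERS = {
    "bjones%mydomain.com": ["FieldTechs"],      # matches AD exactly
    "ASmith%mydomain.com": ["Supervisors"],     # same person, capitalised differently in Webalo
    "cdoe%mydomain.com": ["FieldTechs"],        # no longer in the directory
    "dlee%old-domain.com": ["FieldTechs"],      # suffix is not the Default Login ID Suffix
    "ewong": [],                                # no %suffix at all
}
AD_UPNS = ["bjones@mydomain.com", "asmith@mydomain.com", "dlee@mydomain.com", "fkhan@mydomain.com"]


def webalo_to_upn(login_id):
    """bjones%mydomain.com -> bjones@mydomain.com; None when there is no '%' suffix."""
    if "%" not in login_id:
        return None
    local, suffix = login_id.split("%", 1)
    return local + "@" + suffix


def plan_sync(webalo_users, ad_upns, default_suffix):
    """Classify existing Webalo users as preserved or problem (with a reason), and list the
    directory accounts that would arrive as new Webalo users (login IDs in user%suffix form)."""
    exact = set(ad_upns)
    by_lower = {u.lower(): u for u in ad_upns}  # used only to explain case-only mismatches
    preserved, problems, matched = [], {}, set()
    for login_id in webalo_users:
        upn = webalo_to_upn(login_id)
        if upn is None:
            problems[login_id] = "login ID has no %suffix part"
            continue
        suffix = upn.split("@", 1)[1]
        if suffix != default_suffix:
            problems[login_id] = "suffix %r is not the Default Login ID Suffix %r" % (suffix, default_suffix)
        elif upn in exact:                        # the comparison is case sensitive
            preserved.append(login_id)
            matched.add(upn)
        elif upn.lower() in by_lower:
            problems[login_id] = "case mismatch: directory has %s" % by_lower[upn.lower()]
        else:
            problems[login_id] = "no directory account with UPN %s" % upn
    added = [u.replace("@", "%", 1) for u in ad_upns if u not in matched]
    return {"preserved": preserved, "problems": problems, "added": added}


if __name__ == "__main__":
    plan = plan_sync(WEBALO_USERS, AD_UPNS, DEFAULT_LOGIN_ID_SUFFIX)
    print("preserved:", plan["preserved"])
    for login_id, why in plan["problems"].items():
        print("problem:  ", login_id, "-", why)
    print("added:    ", plan["added"])
```

The ASmith case is the one to watch: because the comparison is case sensitive, the existing Webalo user is not matched, and asmith%mydomain.com appears in the added list instead, so the person would come in as a new user without the Supervisors group assignment. Renaming the Webalo login ID to match the directory's case before synchronizing avoids that.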