CORPORATE HEADQUARTERS Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad 380015, INDIA www.cyberoam.com




CYBEROAM LDAP INTEGRATION GUIDE VERSION: 7

IMPORTANT NOTICE

Elitecore has supplied this information believing it to be accurate and reliable at the time of printing, but it is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Elitecore assumes no responsibility for any errors that may appear in this document. Elitecore reserves the right, without notice, to make changes in product design or specifications. Information is subject to change without notice.

SOFTWARE LICENSE

The software described in this document is furnished under the terms of Elitecore's software license agreement. Please read these terms and conditions carefully before using the software. By using this software, you agree to be bound by the terms and conditions of this license. If you do not agree with the terms of this license, promptly return the unused software and manual (with proof of payment) to the place of purchase for a full refund.

LIMITED WARRANTY

Software: Elitecore warrants for a period of ninety (90) days from the date of shipment from Elitecore: (1) the media on which the Software is furnished will be free of defects in materials and workmanship under normal use; and (2) the Software substantially conforms to its published specifications. Except for the foregoing, the software is provided AS IS. This limited warranty extends only to the customer as the original licensee. Customer's exclusive remedy and the entire liability of Elitecore and its suppliers under this warranty will be, at Elitecore's or its service center's option, repair, replacement, or refund of the software if reported (or, upon request, returned) to the party supplying the software to the customer. In no event does Elitecore warrant that the Software is error free, or that the customer will be able to operate the software without problems or interruptions.

DISCLAIMER OF WARRANTY

Except as specified in this warranty, all expressed or implied conditions, representations, and warranties including, without limitation, any implied warranty of merchantability, fitness for a particular purpose, noninfringement or arising from a course of dealing, usage, or trade practice, are hereby excluded to the extent allowed by applicable law. In no event will Elitecore or its supplier be liable for any lost revenue, profit, or data, or for special, indirect, consequential, incidental, or punitive damages however caused and regardless of the theory of liability arising out of the use of or inability to use the product even if Elitecore or its suppliers have been advised of the possibility of such damages. In no event shall Elitecore's or its suppliers' liability to the customer, whether in contract, tort (including negligence) or otherwise, exceed the price paid by the customer. The foregoing limitations shall apply even if the above stated warranty fails of its essential purpose. In no event shall Elitecore or its supplier be liable for any indirect, special, consequential, or incidental damages, including, without limitation, lost profits or loss or damage to data arising out of the use or inability to use this manual, even if Elitecore or its suppliers have been advised of the possibility of such damages.

RESTRICTED RIGHTS

Copyright 2000 Elitecore Technologies Ltd. All rights reserved. Cyberoam and the Cyberoam logo are trademarks of Elitecore Technologies Ltd. Information supplied by Elitecore Technologies Ltd. is believed to be accurate and reliable at the time of printing, but Elitecore Technologies assumes no responsibility for any errors that may appear in this document. Elitecore Technologies reserves the right, without notice, to make changes in product design or specifications. Information is subject to change without notice.

CORPORATE HEADQUARTERS

Elitecore Technologies Ltd. 904 Silicon Tower, Off. C.G. Road, Ahmedabad 380015, INDIA www.cyberoam.com

Elitecore Technologies Ltd.

Corporate Office
904 Silicon Tower, B/h Pariseema Building, Off. C.G. Road, Ahmedabad-380 006. INDIA
Telephone: +91-79-26405600
Fax: +91-79-26462200

Bangalore Office
3rd floor, 19/1 Infantry Road Cross, Behind Medinova Diagnostic Centre, Bangalore-560 001. INDIA
Telephone: +91-80-51517880/81
Fax: +91-80-51517883

Delhi Office
606 Mahatta Tower, B Block Community Centre, Janakpuri, New Delhi-110058. INDIA
Telephone: +91-11-25529638/40, +91-11-51589761/62
Fax: +91-11-51589760

U.S.A Office
600 Meadowland Parkway, Suite 270, Secaucus, New Jersey 07094 U.S.A.
Telephone: 201-484-7581
Fax: 201-422-9715

Australia Office
12 Peppercress Place, Old Toongabbie NSW 2146 Australia
Telephone: 61-413939862
Fax: 61-296319091

Mumbai Office
Office 4, B/65, Stanford Plaza, Off. New Link Road, Andheri (W) Mumbai-400 058. INDIA
Telephone: +91-22-56951280/380
Fax: +91-22-56923363

Guide Sets

Guide: Describes

Installation & Registration Guide: Installation & registration process
User Guide
  Part I Getting Started: How to start using Cyberoam
  Part II Management: Management and Customization of Cyberoam
  Detailed statistics Reports: Detailed reports
Console Guide: Console Management
Windows Client Guide: Installation & configuration of Cyberoam Windows Client
Linux Client Guide: Installation & configuration of Cyberoam Linux Client
HTTP Client Guide: Installation & configuration of Cyberoam HTTP Client
Analytical Tool Guide: Using the Analytical tool for diagnosing and troubleshooting common problems
Cyberoam LDAP Integration Guide: Configuration for integrating LDAP with Cyberoam for external authentication
Cyberoam ADS Integration Guide: Configuration for integrating ADS with Cyberoam for external authentication
Data transfer Management Guide: Configuration and Management of user based data transfer policy
Mail Management: Configuration and Management of Mail server
Multi Link Manager User Guide: Configuration of Multiple Gateways, load balancing and failover
VPN Management: Implementing and managing VPN
Printer Usage Management Guide: Configuration and Management of user based printing quota policy
Printer Installation and Configuration Guide: Installation and Configuration of Elitecore Print Manager

Technical Support

You may direct all questions, comments, or requests concerning the software you purchased, your registration status, or similar issues to Customer care/service department at the following address:

Corporate Office
Elitecore Technologies Ltd.
904, Silicon Tower
Off C.G. Road
Ahmedabad 380015
Gujarat, India.
Phone: +91-79-26405600
Fax: +91-79-26462200
Web site: www.elitecore.com

Cyberoam contact:
Technical support (Corporate Office): +91-79-26400707
Email: support@cyberoam.com
Web site: www.cyberoam.com

Visit www.cyberoam.com for the regional and latest contact information.

Typographic Conventions

Material in this manual is presented in text, screen displays, or command-line notation.

Item: Convention. Example

Server: Machine where Cyberoam Software - Server component is installed
Client: Machine where Cyberoam Software - Client component is installed
User: The end user
Username: Username uniquely identifies the user of the system
Part titles: Bold and shaded font typefaces. Example: Report
Topic titles: Shaded font typefaces. Example: Introduction
Subtitles: Bold & Black typefaces. Example: Notation conventions
Navigation link: Bold typeface. Example: Group Management > Groups > Create. It means, to open the required page click on Group management, then on Groups, and finally click the Create tab
Name of a particular parameter / field / command button text: Lowercase italic type. Example: Enter policy name, replace policy name with the specific name of a policy. Or: Click Name to select, where Name denotes command button text which is to be clicked
Cross references: Hyperlink in different color. Example: refer to Customizing User database. Clicking on the link will open the particular topic
Notes & points to remember: Bold typeface between the black borders. Example: Note
Prerequisites: Bold typefaces between the black borders. Example: Prerequisite, followed by the prerequisite details

Overview

Welcome to Cyberoam's LDAP Integration Guide.

Cyberoam's integrated Internet security solution is purpose-built to meet the unified threat management needs of corporate, government organizations and educational institutions. It also provides assistance in improving Bandwidth management, increasing Employee productivity and reducing legal liability associated with undesirable Internet content access.

Once you have installed and placed Cyberoam, a default policy is automatically applied which allows all network traffic to pass through Cyberoam. This lets you monitor user activity in your Network based on the default policy.

As Cyberoam monitors and logs user activity based on IP address, all the reports are generated based on IP address. To monitor and log user activities based on User names or logon names, you have to configure Cyberoam for integrating user information and the authentication process. Integration will identify access requests based on User names and generate reports based on Usernames.

When the user attempts to access, Cyberoam requests a user name and password and authenticates the user's credentials before giving access. User level authentication can be performed using the local user database on the Cyberoam, an External ADS server, Windows Domain Controller, or LDAP server.

To set up user database

1. Integrate ADS, Domain Controller or LDAP if external authentication is required.
   If your Network uses Active Directory Services, configure Cyberoam to communicate with your ADS. Refer to Cyberoam ADS Integration for more details.
   If your Network uses Windows Domain Controller, configure Cyberoam to communicate with the Windows Domain Controller. Refer to Cyberoam PDC Integration for more details.
   If your Network uses LDAP, configure Cyberoam to communicate with the LDAP server. Refer to Cyberoam LDAP Integration for more details.
2. Configure for local authentication.
3. Register user

Introduction to LDAP

Lightweight Directory Access Protocol (LDAP) is a general-purpose database management system, optimized for use as a directory server. It can also be termed a directory service protocol that runs on top of the TCP/IP stack. The function of LDAP is to enable access to an existing directory.

An LDAP directory is a collection of entries, each of which consists of one or more attributes. Each attribute has one or more values and a type that determines the kind of information the values can hold and how those values behave during directory operations.

The entries are arranged hierarchically in a tree that is structured geographically and organizationally. Global entries, such as countries/regions, reside at the top of the tree, followed by state or national organizations, then organizational units, people, devices, or anything else that might be represented in a directory.

A directory entry is represented by its entry name, or relative distinguished name (RDN), and by its distinguished name (DN). The DN uniquely identifies each entry on a global level, and is derived by concatenating the RDN of an entry with the RDN of each of its ancestor entries.

LDAP Authentication Process

When Cyberoam is installed in a Windows environment with an LDAP server, it is not necessary to create users again in Cyberoam. Cyberoam provides a facility to automatically create user(s) on first logon. Whenever an existing LDAP user logs on for the first time after configuration, the user is automatically created in Cyberoam and is assigned to the default group. This reduces the Administrator's burden of creating the same users in Cyberoam.

The user has to be authenticated by Cyberoam before being granted access to the Internet. Cyberoam sends the user authentication request to LDAP and the LDAP server authenticates the user as per the supplied tokens. Users can log on using their Windows authentication tokens (login/user name and password).

Configuring for LDAP Integration

Select User External Authentication to open the configuration page.

Screen: LDAP Integration

Screen Elements: Description

Configure Authentication & Integration parameters
Integrate with: Select LDAP as authentication server
Default Group: If the user does not exist in Cyberoam but is already in LDAP, Cyberoam automatically adds users into the default group on first logon. Allows to select default group for all users. Click Default Group list to select
Update button: Updates and saves the configuration
Add button: Allows to add LDAP server. Refer to Add LDAP Server for details

Table: LDAP Integration screen elements

Add LDAP Server

Screen: LDAP Server configuration

Screen Elements: Description

Edit LDAP Server Details
Server IP: Specify LDAP Server IP Address
Port: Specify Port number over which LDAP Server communicates. Default port is 389
Anonymous Login: Specify whether to enforce administrator user authentication or not. To permit administrator user to anonymously bind to the LDAP service, select/enable Anonymous Login. When anonymous access is allowed, no username or password is required by the LDAP client to retrieve information. To enforce administrator user authentication, deselect/disable Anonymous Login and set the Administrator Username and Password.
Administrator (only if Anonymous Login is Disabled): Specify Administrator Username
Password (only if Anonymous Login is Disabled): Specify Password of Administrator Username
Base DN: Specify base DN. It is used to look up entries in LDAP server. The top level of the LDAP directory tree is the base, referred to as the "base DN". A base DN usually takes one of the three forms: Organization name, Company's Internet Domain name or DNS domain name. At least one base DN is required. Also known as Root DN. e.g. dn=cyberoam, dn=com
LDAP Version: Specify LDAP version e.g. 2 or 3
Authentication Attribute: Set Authentication Attribute
Test Connection button: Allows to check the connectivity of Cyberoam with LDAP server. Click to check
Add button: Saves the server configuration and allows to add the Domain query for name resolution and authentication. Click Add to add the domain query. Refer to Add Domain Query for more details
Cancel button: Cancels the current operation

Table: LDAP Server configuration screen elements

Connectivity check

Connection to LDAP is enabled automatically during setup, but as the LDAP server is used for authenticating users, it is necessary to check whether Cyberoam is able to connect to LDAP or not. Connectivity can be checked:

1. At the time of adding LDAP server details
   Refer to Add LDAP server for details on checking connectivity at the time of adding LDAP server details.
2. After adding LDAP server details
   Select User External Authentication and click the LDAP Server IP which is to be tested for connection. Click the Test Connection button.
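What the Anonymous Login and LDAP Version fields described above change in the bind request itself, as an added example that is not part of the Cyberoam guide or product code: it encodes LDAP simple BindRequests (RFC 4511) and classifies a captured one as anonymous, unauthenticated or simple. Function names, the bind DN and the password are constructed for illustration.

```python
# Added example, not from the Cyberoam guide. Encodes and classifies LDAP
# simple BindRequests (RFC 4511 / RFC 4513). All sample values are constructed.

def _tlv(tag: int, value: bytes) -> bytes:
    """BER tag-length-value, definite length (short or long form)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + value


def build_simple_bind(msg_id: int, version: int, dn: str = "", password: str = "") -> bytes:
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest }; msg_id must be 1..127."""
    body = (_tlv(0x02, bytes([version]))             # version INTEGER: 2 or 3
            + _tlv(0x04, dn.encode("utf-8"))         # name: bind DN, empty if anonymous
            + _tlv(0x80, password.encode("utf-8")))  # simple [0]: raw password octets
    return _tlv(0x30, _tlv(0x02, bytes([msg_id])) + _tlv(0x60, body))


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos); raise ValueError on malformed input."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                                # long form: next k bytes hold length
        k = length & 0x7F
        if k == 0 or pos + k > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    if pos + length > len(buf):
        raise ValueError("truncated TLV value")
    return tag, buf[pos:pos + length], pos + length


def classify_bind(packet: bytes) -> dict:
    """Classify one captured BindRequest by how the client authenticated."""
    tag, msg, _ = _read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = _read_tlv(msg, 0)                    # skip messageID
    tag, op, _ = _read_tlv(msg, pos)
    if tag != 0x60:
        raise ValueError("not a BindRequest")
    _, version, pos = _read_tlv(op, 0)
    _, name, pos = _read_tlv(op, pos)
    auth_tag, cred, _ = _read_tlv(op, pos)
    if auth_tag != 0x80:
        kind = "sasl-or-other"
    elif cred:
        kind = "simple"                              # DN + password in the message
    else:
        kind = "unauthenticated" if name else "anonymous"
    return {"version": int.from_bytes(version, "big"),
            "dn": name.decode("utf-8", "replace"), "kind": kind}


if __name__ == "__main__":
    admin = "cn=admin,dc=example,dc=com"             # constructed bind DN
    for pkt in (build_simple_bind(1, 3),             # Anonymous Login enabled
                build_simple_bind(2, 3, admin, "s3cret"),
                build_simple_bind(3, 2, admin)):     # DN sent, password left empty
        print(pkt.hex(), classify_bind(pkt))
```

In a simple bind the password is carried as plain octets, so on port 389 without TLS it is readable to anyone who can capture the traffic. The "unauthenticated" case (bind DN with an empty password) is the one to flag in review, since RFC 4513 recommends that servers reject it by default.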