Configuring an Active Directory User

This section describes how to configure an active directory (AD) user.

Configuring an AD Server

To create an AD user, first you need to configure an AD server to import an AD user and perform authentication. To configure an AD server, take the following steps:

  1. Select Objects > AD User from the menu bar.
  2. In the AD User dialog, configure basic options for the AD server in the AD Server Configuration section.
    • Server name: Specifies a name for the AD server.
    • Server address: Specifies an IP address or domain name for the AD server.
    • Port: Specifies a port number for the AD server. The value range is 1 to 65535. The default value is 389.
    • Login-dn: Specifies authentication characteristics for Login-dn (a user account with query privilege pre-defined by the AD server).
    • Base-dn: Specifies a Base-dn for the AD server. Base-dn is the starting point at which your search will begin when the AD server receives an authentication request.
    • Password: Specifies a password for the AD server. This should correspond to the password for Admin DN.
    • Confirm password: Enter the password again to confirm.
  3. Click More Configuration... to configure advanced options for the AD server.
    • Role mapping rule: Specifies a role mapping rule for the AAA server. With this option selected, system will allocate a role for users who have been authenticated to the server according to the specified role mapping rule.
    • Backup server 1: Specifies an IP address or domain name for Backup server 1.
    • Backup server 2: Specifies an IP address or domain name for Backup server 2.
    • Authentication mode: Specifies an authentication mode (either plain text or MD5). The default mode is MD5.
  4. Click OK to save your settings.

Tip: For detailed information about IP/MAC binding, importing and exporting of the AD User dialog, see Configuring a User Binding.

Editing an AD Server

To edit an AD server, take the following steps:

  1. Select Objects > AD User from the menu bar.
  2. In the AD User dialog, select an AD server from the Active Directory drop-down list, and click Configure. In the Active Directory Server Configuration dialog, modify according to your need.

Synchronizing Users

You can synchronize users in an AD server to the security device. To synchronize users, take the following steps:

  1. Select Objects > AD User from the menu bar.
  2. In the AD User dialog, select an AD server from the Active Directory drop-down list, and click Sync Users.