Kerio Tech Firewall6 User Manual

15.3 Local user database: external authentication and import of accounts

213

Figure 15.10

Configuration of automatic import of user accounts from Active Directory

The other option (specification of a controller) is recommended for domains with one server

only (speeds the process up).

It is also necessary to enter login data of a user with read rights for the Active Directory

database (any user account belonging to the corresponding domain).

Note: It is not possible to combine the automatic import with Active Directory domain map-

ping (see chapter

15.4

) as the local user database would collide with the mapped domain. If

possible, it is recommended to use the Active Directory mapping alternative.

Manual import of user accounts

It is also possible to import special accounts to the local database from the Windows NT do-

main or from Active Directory. Each import of a user account covers creating of a local account

with the identical name and the same domain authentication parameters. Specific WinRoute

parameters (such as access rights, content rules, data transfer quotas, etc.) can be set by using

the template for the local user database (see chapter

15.1

) or/and they can be defined individ-

ually for special accounts. The Windows NT / Active Directory authentication type is set for all

accounts imported..

Note: This method of user accounts import is recommended especially when Windows NT

domain is used (domain server with the Windows NT Server operating system). If Active Direc-

tory domain is used, it is easier and recommended to use the transparent support for Active

Directory (domain mapping — see chapter

15.4

).

Click Import on the User Accounts tab to start importing user accounts. In the import dialog,

select the type of the domain from which accounts will be imported and, with respect to the