beautypg.com

Configuring ad authentication – H3C Technologies H3C SecPath F1000-E User Manual

Page 382

background image

370

Item Description

Search Template

Specify a search template.

Use a template to
query user DN

Select this option to query the user DN by a template.

User DN template

Specify the user DN template to be used to query the user DN.

Configuring AD authentication

Active Directory (AD) is a directory service provided by Windows 2000 Server and later versions. It

saves information of objects on a network and allows administrators and users to query the information.

AD uses structured data storage, which is the basis of the directory information logical structure. The SSL
VPN system can cooperate with the existing AD server of an enterprise seamlessly to provide AD

authentication for users in the enterprise.

NOTE:

For successful AD authentication of a user, you must also configure the user information on the AD
authentication server, create user groups, and add the user to the user groups. Make sure that the user
groups configured on the authentication server exist on the SSL VPN gateway. Otherwise, the user cannot

log in.

Select VPN > SSL VPN > Domain Management > Authentication Policy from the navigation tree and click

the AD Authentication tab. The LDAP authentication configuration page appears, as shown in

Figure

254

.

Figure 254 AD authentication

Table 54 Configuration items

Item Description

Enable AD
authentication

Select this item to enable AD authentication.

AD Domain Name

Enter the name of the AD domain.

AD Server IP

Enter the IP addresses of the AD servers.
You can specify four AD servers at most. When one server fails, the system uses another
server to authenticate users. The system selects the specified servers in the configuration

order of the servers. The first configured server has the highest priority.