15.3 Local user database: external authentication and import of accounts
203
15.3 Local user database: external authentication and import of accounts
User in the local database can be authenticated either at the
Active Directory
domain or at the
Windows NT
domain (see chapter
, step one). To apply these authentication methods, the
WinRoute
host must belong to the corresponding domain.
If
WinRoute
is installed on
Windows
, the host can be added to the domain or domain member-
ship can be changed only in the operating system (in the computer properties).
In the
Software Appliance / VMware
appliance edition, domain membership can be set right in
the firewall’s administration:
•
in the
Web Administration
interface, section
Domains and authentication
, the
Active
Directory
tab.
•
the
Administration Console
, section
Users
, the
Active Directory
tab.
WinRoute
in
Software Appliance / VMware Virtual Appliance
can be connected only to the
Active Directory
domain, never to the
Windows NT
domain.
Importing user accounts
To the local user database, you can import selected accounts from the
Active Directory
or the
Windows NT
domain (import from
Windows NT
is available only in
WinRoute
on
Windows
).
Each import of a user account covers creating of a local account with the identical name and
the same domain authentication parameters. Specific
WinRoute
parameters (such as access
rights, content rules, data transfer quotas, etc.) can be set by using the template for the local
user database (see chapter
) or/and they can be defined individually for special accounts.
The
Active Directory / Windows NT
authentication type is set for all accounts imported..
Note:
This method of user accounts import is recommended especially when
Windows NT
domain is used (domain server with the
Windows NT Server
operating system). If
Active Direc-
tory
domain is used, it is easier and recommended to use the transparent support for
Active
Directory
(domain mapping — see chapter
).
To import user accounts, click on the
Import
button below the list of user accounts (as
Domain
,
Local user database
must be used, otherwise the button is inactive).
In the import dialog, select the type of the domain from which accounts will be imported and,
with respect to the domain type, specify the following parameters:
•
Active Directory
— for import of accounts,
Active Directory
domain name, DNS name
or IP address of the domain server as well as login data for user database reading (any
account belonging to the domain) are required.
•
NT domain
— domain name is required for import. The
WinRoute
host must be a mem-
ber of this domain.
Note:
Import of user accounts from
Windows NT
is available only in
WinRoute
on
Windows
.
When connection with the corresponding domain server is established successfully, all ac-
counts in the selected domain are listed. When accounts are selected and the selection is
confirmed, the accounts are imported to the local user database.
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...