Configuring Remote AD Authentication
- Auth Mode
If this mode is selected, your bastion host does not synchronize user information from the AD domain server. You need to log in to the bastion host as the administrator and create system users manually. When a user logs in to your bastion host, the user's identity is authenticated by the AD domain server.
- Sync Mode
If this mode is selected, your bastion host synchronizes user information from the AD domain server, so you do not need to create system users separately. When a user logs in to your bastion host, the user's identity is authenticated by the AD domain server. For details, see Synchronizing AD Domain Users.
This topic describes how to configure the AD authentication mode.
Prerequisites
- You have the management permissions for the System module.
- You have obtained the information about the AD domain server.
Procedure
- Log in to your bastion host.
- Choose System > Sysconfig > Authenticate.
Figure 1 Configuring remote authentication
- Click Add in the AD Settings area.
- Select Auth for Auth Mode and configure other parameters as shown in Table 1.
Figure 2 AD Settings
Table 1 AD authentication parameters (Parameter: Description)
Server: Specifies the IP address of the AD domain server.
Status: Specifies the status of remote AD authentication (default: ).
  - : AD domain authentication is enabled. If the configuration information is valid, AD domain authentication is enabled or AD domain users are synchronized to the bastion host when the user starts a login.
  - : AD authentication is disabled.
SSL: Specifies the status of SSL encryption (default: ).
  - : SSL encryption is disabled.
  - : SSL encryption is enabled. After SSL encryption is enabled, data transmitted by synchronized users or authenticated users is encrypted.
Mode: Specifies the working mode of AD domain. Select Auth Mode.
Port: Specifies the access port of the remote server of AD domain. The default port number is 389.
Domain: Specifies the domain of the AD service.
- Click OK. You can then view AD authentication configurations in the AD server list.
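The following is an added example, not part of the original documentation or the product: a pre-flight check for the Table 1 values before they are entered in the AD Settings dialog. The dictionary keys, the sample values and the check rules are assumptions made for illustration; the SSL warning reflects the table's statement that transmitted data is encrypted only after SSL is enabled.

```python
import ipaddress
import re

# One DNS label: letters, digits and hyphens, not starting or ending with a hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")

def check_ad_settings(s):
    """Return (severity, field, message) findings for a dict of Table 1 values.

    The dict keys are hypothetical names for the Table 1 parameters.
    """
    findings = []
    try:
        ipaddress.ip_address(str(s.get("server", "")))
    except ValueError:
        findings.append(("error", "server", "must be the IP address of the AD domain server"))
    port = s.get("port")
    if type(port) is not int or not 1 <= port <= 65535:
        findings.append(("error", "port", "must be an integer from 1 to 65535"))
    domain = str(s.get("domain", "")).rstrip(".")
    if len(domain) > 253 or not all(_LABEL.match(p) for p in domain.split(".")):
        findings.append(("error", "domain", "is not a valid DNS domain name"))
    if s.get("mode") != "Auth":
        findings.append(("error", "mode", "this procedure requires Auth"))
    if not s.get("status", False):
        findings.append(("info", "status", "AD authentication is disabled"))
    if not s.get("ssl", False):
        findings.append(("warning", "ssl", "disabled: traffic to the AD server is not encrypted"))
    elif port == 389:
        # 636 is the standard LDAPS port; which port this product expects
        # with SSL enabled is not stated on the page, so only prompt a check.
        findings.append(("info", "port", "SSL on 389: confirm the AD server accepts TLS on this port"))
    return findings

# Constructed sample values (documentation address range and example domain).
WEAK = {"server": "192.0.2.10", "status": True, "ssl": False,
        "mode": "Auth", "port": 389, "domain": "corp.example.com"}
BROKEN = {"server": "ad01.corp.example.com", "status": True, "ssl": True,
          "mode": "Sync", "port": 0, "domain": "-corp..example"}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("BROKEN", BROKEN)):
        for severity, field, message in check_ad_settings(cfg):
            print(f"{name}: [{severity}] {field} {message}")
```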
Follow-up Operations
- To view details of the configured AD authentication, click Details in the Operation column.
- To modify or disable AD authentication, or change the authentication mode, click Edit in the Operation column and reconfigure the AD authentication in the displayed dialog box.
- If the AD authentication is no longer required, click Delete in the Operation column to delete it. Deleted authentication information cannot be recovered. Exercise caution when performing this operation.