Add_workflow_for_techpubs |
---|
AUTH1 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cb41059c, userName='null'} |
---|
JIRAIDAUTH | SYM-27315 |
---|
REV5 | UserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'} |
---|
REV6 | UserResourceIdentifier{userKey=8a00a0c85b2726c2015b58aa779d0003, userName='null'} |
---|
REV3 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26ca2f03d1, userName='null'} |
---|
REV1 | UserResourceIdentifier{userKey=8a00a02355cd1c2f0155cd26cc7d083d, userName='null'} |
---|
|
This page describes how to configure
for Active Directory User Group Access:
Note |
---|
When configuring the Domain Controller, we recommend using a domain name other than the Domain Admin user. |
Step 1 - Configure the Domain Controllers
This step allows you to specify the Domain Controller(s) which will be used in the
system. The information from the same domain controller(s) will be used for AD-based
telephony routing and for
Logging in to SBC Edge using an AD domain user.
To add a Domain Controller, follow the instructions outlined in Adding and Modifying Domain Controllers with the following settings:
- DC Enabled: Set this field to True.
- Description: The name you wish to use for referencing this domain controller - used in the next step.
- IP Address/FQDN: The IP address or FQDN of the Domain Controller.
- DC Type: Set this field to Authentication.
- Search Scope: For example,
dc=uxdemo,dc=net.
- Server Timeout: The default is 5 (seconds), which is usually only updated if you receive TAC input.
- User Name: For example, uxacc@uxdemo.net.
- Enter and Confirm Password: The password for the AD user.
- DC Priority: Select the priority ranking of the domain controller.
Create Domain Controller
![Auth_and_Directory_Services.Active_Directory.Domain_Controllers.CreateButton.png](/plugins/servlet/confluence/placeholder/unknown-attachment?locale=en_GB&version=2)
Step 2 - Configure
for Active Directory Access
In this step, we configure the Active Directory settings on
such that we can authenticate users through the Domain Controller created earlier.
Configuring the SBC Edge Portfolio for Active Directory with the following settings:
In the Active Directory Configuration settings group:
- AD Enabled: True
- User Name: (for example, uxacc@uxdemo.net)
- Password: (the password for the AD user)
- Use TLS: False
- Operating Mode: Updates
In the Cache Settings group:
- Normalize Cache: False
- Update Frequency: 60 (minutes)
- Cache Attributes: for example
telephoneNumber, msRTCSIP-Line, mobile, displayName, userPrincipalName
In the User Authentication Settings
- Select the Domain Controller - created in Step 1
Step 3 - Configure AD User Group to Access Level Mapping
In this step, we map the Active Directory (AD) group with the SBC Edge access level for the AD user we wish to grant access on the
:
- Group Name: enter the name of the AD group
- Access level: select the access level for the group
Create User Group Mapping
![Auth_and_Directory_Services.Active_Directory.Domain_Controllers.CreateButton_FULLBROWSER.png](/plugins/servlet/confluence/placeholder/unknown-attachment?locale=en_GB&version=2)
Step 4 - Login with an Active Directory Domain User
To verify the AD domain user can access the
, the AD username must be supplied in the format
USERNAME@DOMAIN
- see
How User Authentication Works. Enter the following in the
login screen- User Name: enter the AD user name in the format
USERNAME@DOMAIN
; for example readonlyuser1@uxdemo.net
- Password: enter the password of the AD user