Technical Library
|
Support
Clients
>
Working with users and groups
> Directory services
Directory services
Web Security Help | Web Security Solutions | Version 7.8.x
A directory service is a tool that stores information about a network's users and resources. Before you can add user clients (users, groups, domains, or organizational units) in the Web Security manager, you must configure Websense User Service to retrieve information from your directory service.
Use the
Settings > General > Directory Services
page to identify the directory service used in your network. You can configure settings for only one type of directory service per Policy Server.
Note
In Websense Web Security Gateway Anywhere deployments, information from the Directory Services page is also used to populate the Hybrid Configuration > Shared User Data page. This allows the hybrid service to apply user and group-based policies. See
Send user and group data to the hybrid service
.
First select a directory service from the Directories list. The selection that you make determines which settings appear on the page.
See the appropriate section for configuration instructions:
Windows Active Directory (Mixed Mode)
Windows Active Directory (Native Mode)
Novell eDirectory and Oracle (Sun Java) Directory Server
Warning
In Websense Web Security Gateway Anywhere deployments, the hybrid service supports Windows Active Directory (Native Mode), Oracle Directory Server, and Novell eDirectory.
Once configuration is complete, User Service communicates with the directory service to enable user and group-based policy enforcement. User Service caches the user and group information that it collects for up to 3 hours. If you make changes to user, group, or OU entries in the directory service, use the
Clear Cache
button under User Service Cache to force User Service to refresh its user and group mappings immediately. Note that user-based policy enforcement may slow down for a brief period while the cache is being recreated.
If you plan to allow administrators to use their network accounts to log on to the TRITON console, you must also configure directory service communication on the TRITON Settings > User Directory page. The same directory must be used to authenticate all administrative users. See the TRITON Settings Help for details.
Clients
>
Working with users and groups
> Directory services
Copyright 2016 Forcepoint LLC. All rights reserved.