Security > Content Gateway user authentication > Rule-Based Authentication > Rule-based authentication Domain list
1. Rule-based authentication must be enabled (Configure > My Proxy > General).
2.
5. Optionally, configure the Aliasing option.

1.
2.
3. In the Domain Identifier field, enter a unique name that will help you recognize the domain and its purpose.
4. Optionally, configure the Aliasing option. For information, see Unknown users and the 'alias' option.
5. In the Domain Name field, enter the fully qualified domain name. For example, ad1.example.com.
6. In the Administrator Name field, enter the Windows Administrator user name.
7. In the Administrator Password field, enter the Windows Administrator password.
8. Select how to locate the domain controller:
9. Confirm the Content Gateway Hostname.
10. Click Join Domain.

1.
2. In the IWA Domain Details section, select how to locate the domain controller:
3.
4. Click Apply.

WINS resolution is not supported. Domain controllers must have hostnames that can be resolved by a DNS server.

Extended security is not supported and cannot be enabled on the domain controller.

NTLM2 session security is not supported and cannot be enabled on clients. In the Security Settings area of the Windows operating system, inspect the Network Security: Minimum session security settings.

NTLMv2 is not supported with Active Directory 2008.

1.
2.
3. In the Domain Identifier field, enter a unique name that will help you recognize the domain and its purpose. After the domain is added, the name cannot be changed.
4. Optionally, configure the Aliasing option. For information, see Unknown users and the 'alias' option.
5. In the Legacy NTLM Domain Details section:
   a. In the Domain Controller entry field, enter the IP address and port number of the primary domain controller. If no port is specified, Content Gateway uses port 139.

   Even if load balancing is not selected, if multiple domain controllers are specified and the load on the primary domain controller reaches the maximum number of connections allowed, new requests are sent to a secondary domain controller as a short-term failover provision until the primary domain controller can accept new connections.
6. Click Add Domain.

1.
2.
3. In the Domain Identifier field, enter a unique name that will help you recognize the domain and its purpose. After the domain is added, the name cannot be changed.
4. Optionally, configure the Aliasing option. For information, see Unknown users and the 'alias' option.
5. In the LDAP Domain Details section:
   a. In the LDAP Server Name field, enter the fully qualified domain name or IP address of the LDAP server.
   b. If the LDAP server port is other than the default (389), enter the LDAP server port in the LDAP Server Port field.
   c. Enter the LDAP Base Distinguished Name. Obtain this value from your LDAP administrator.
   d. Select the LDAP Server Type from the drop-down list.
      Select sAMAccountName for Active Directory
      Select uid for other directory services
   e. In the Bind Domain Name field, enter the bind distinguished name. This must be a Full Distinguished Name of a user in the LDAP directory service. For example:
   f.
   g. Enable Secure LDAP if you want Content Gateway to use secure communication with the LDAP server. If enabled, set the LDAP port to 636 or 3269.
6. Click Add Domain.
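
The following is an added example, not part of the original documentation or the product: an offline pre-flight check that applies the LDAP domain constraints listed above (unique Domain Identifier, port versus Secure LDAP, Server Type, full bind distinguished name) to planned entries before they are typed into the manager. The dictionary field names and the sample entries are assumptions made for illustration.

```python
DEFAULT_PORT = 389                        # page: default LDAP port
SECURE_PORTS = {636, 3269}                # page: ports to use with Secure LDAP
SERVER_TYPES = {"sAMAccountName", "uid"}  # page: AD / other directory services

def split_dn(dn):
    """Split a DN into RDNs on commas, honouring backslash escapes."""
    parts, cur, esc = [], "", False
    for ch in dn:
        if ch == "," and not esc:
            parts.append(cur.strip())
            cur = ""
        else:
            cur += ch
        esc = (ch == "\\") and not esc
    return parts + [cur.strip()]

def is_dn(dn, min_rdns=1):
    """True if dn has at least min_rdns components, each of form attr=value."""
    rdns = split_dn(dn)
    return len(rdns) >= min_rdns and all(
        "=" in r and all(x.strip() for x in r.split("=", 1)) for r in rdns)

def check_entries(entries):
    """Return {domain_id: [problems]} for the entries that fail a check."""
    report, seen = {}, set()
    for e in entries:
        ident = e.get("domain_id", "").strip()
        port, secure = e.get("port", DEFAULT_PORT), e.get("secure_ldap", False)
        checks = [
            (not ident or ident in seen, "Domain Identifier missing or not unique"),
            (secure and port not in SECURE_PORTS, "Secure LDAP on: port must be 636 or 3269"),
            (not secure and port in SECURE_PORTS, "secure port set but Secure LDAP is off"),
            (e.get("server_type") not in SERVER_TYPES, "Server Type must be sAMAccountName or uid"),
            (not is_dn(e.get("base_dn", "")), "Base DN is not a distinguished name"),
            (not is_dn(e.get("bind_dn", ""), 2), "Bind DN is not a full distinguished name"),
        ]
        seen.add(ident)
        problems = [msg for failed, msg in checks if failed]
        if problems:
            report.setdefault(ident or "<empty>", []).extend(problems)
    return report

# Constructed sample entries; field names are hypothetical, not product keys.
SAMPLE = [
    {"domain_id": "corp-ldap", "port": 636, "secure_ldap": True,
     "server_type": "sAMAccountName", "base_dn": "DC=ad1,DC=example,DC=com",
     "bind_dn": "CN=Smith\\, Jo,OU=Svc,DC=ad1,DC=example,DC=com"},
    {"domain_id": "corp-ldap", "port": 389, "secure_ldap": True,
     "server_type": "cn", "base_dn": "DC=example,DC=com",
     "bind_dn": "EXAMPLE\\jsmith"}]
```

Calling `check_entries(SAMPLE)` reports the second entry only: its identifier repeats the first, Secure LDAP is paired with port 389, the server type is neither listed value, and the bind name is a Windows-style account name rather than a distinguished name.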