IAM External Auth Server MS Active Directory

Created: 05 Jul 2018 11:53

Summary:

Hi, I'm trying to integrate IAM with an existing Active Directory for user authentication, but it seems to have failed. My config is as follows: But then I got the error

Reply

Michael So Posted 28 Jul 2018 10:40
Try administrator@domain.com

zeni Posted 17 Jul 2018 12:17
@FAE
Thanks for the answer. I can manage to integrate OUs in Sangfor, but can't integrate GROUPS (SECURITY GROUPS in AD).
For example, we have OU: Sales.
Of the members in OU Sales, some are not allowed to access the internet.
So I created a SECURITY GROUP in AD DS, named it INTERNET, and added some of the Sales users to it. All members of the INTERNET group are allowed to access the internet.
Is it possible to add groups in Sangfor for authentication?
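
Added example, not part of any post in this thread and not Sangfor code: in AD an OU is a container (a user's place in the tree), while security group membership is recorded in each user's memberOf attribute, so the rule zeni describes needs both a base DN and a membership check. The Python below builds the standard LDAP filter for that check and applies the same logic to constructed entries. The example.com DNs, the OU=Groups location and all function names are assumptions, and the thread does not say whether IAM accepts a custom filter.

```python
# Added example; DNs and entries are constructed, not taken from the thread.
BASE_DN = "OU=Sales,DC=example,DC=com"                # assumed OU location
GROUP_DN = "CN=INTERNET,OU=Groups,DC=example,DC=com"  # assumed group location
ENTRIES = [  # constructed sample users
    {"dn": "CN=Alice,OU=Sales,DC=example,DC=com", "sAMAccountName": "alice",
     "memberOf": [GROUP_DN]},
    {"dn": "CN=Bob,OU=Sales,DC=example,DC=com", "sAMAccountName": "bob",
     "memberOf": []},
    {"dn": "CN=Carol,OU=HR,DC=example,DC=com", "sAMAccountName": "carol",
     "memberOf": [GROUP_DN]},
]


def escape_filter_value(value):
    """Escape a value for an LDAP search filter (RFC 4515 special characters)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def group_member_filter(group_dn, nested=False):
    """LDAP filter for user objects that are members of group_dn.

    nested=True uses AD's LDAP_MATCHING_RULE_IN_CHAIN so that members of
    groups nested inside group_dn also match.
    """
    rule = ":1.2.840.113556.1.4.1941:" if nested else ""
    return "(&(objectCategory=person)(objectClass=user)(memberOf%s=%s))" % (
        rule, escape_filter_value(group_dn))


def in_subtree(dn, base_dn):
    """True if dn is base_dn or sits below it (case-insensitive)."""
    dn, base_dn = dn.lower(), base_dn.lower()
    return dn == base_dn or dn.endswith("," + base_dn)


def allowed_users(entries, base_dn, group_dn):
    """Account names under base_dn that list group_dn in memberOf."""
    group_dn = group_dn.lower()
    return [e["sAMAccountName"] for e in entries
            if in_subtree(e["dn"], base_dn)
            and group_dn in (m.lower() for m in e.get("memberOf", []))]


if __name__ == "__main__":
    print(group_member_filter(GROUP_DN))
    print(allowed_users(ENTRIES, BASE_DN, GROUP_DN))  # Sales users in INTERNET
```

In the constructed data, Bob is in OU Sales but not in the group and Carol is in the group but outside OU Sales, so only Alice passes both conditions.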

FAEoTONGoTH Posted 16 Jul 2018 17:02
In the baseDN you can select the group that you want; then other groups cannot authenticate.

zeni Posted 10 Jul 2018 18:04
Hi FAEoTONGoTH,

Cool, now it's connected. Thanks.

The next thing I want to know: if we create a group in the AD DS server, for example named "INTERNET", every user who has joined that group is granted access, and a user who is not a member of the INTERNET group can't log in and access the internet. How should I do this?

FAEoTONGoTH Posted 10 Jul 2018 17:18
Hi,
In the administrator field, you can try administrator@domain.name

domain.name = your domain

CTI LS Posted 10 Jul 2018 14:42
Hi,

Can you check under "Local User" to see if the users from AD have synced into IAM?

kevinjapto Posted 10 Jul 2018 13:00
I also have this problem.

zeni Posted 10 Jul 2018 11:43
Hi,
Sorry for my late reply,

Here's the result

> telnet 192.168.2.75 389
Resolving ...
192.168.2.75:389 connect OK

CTI LS Posted 10 Jul 2018 10:02
Hi,

Sorry for the late reply. May I know if you are still facing this issue?
If yes, can you try to telnet from IAM to your AD server on port 389?