Active directory external authentication service – Avocent Network Device SPC420 User Manual

82 DSView 3 Software Installer/User Guide

Active Directory external authentication service

NOTE: When adding an Active Directory external authentication service, you can allow trusted forests to be
discovered. A forest is a group of domains, and a forest may have a trusted relationship with other forests. In
some configurations, a user may belong to one forest but be assigned to groups in another forest. The DSView 3
server needs access to both forests to authenticate and authorize this user.

To add an Active Directory external authentication service:

1.

Click the Users tab.

2.

Click Authentication Services in the top navigation bar. The User Authentication Services
window will open.

3.

Click Add. The Add Authentication Service Wizard will appear.

4.

The Provide Authentication Service Name and Type window will open.

a.

Type a name for the external authentication service.

b.

Select Active Directory from the menu.

c.

Click Next.

5.

The Specify Active Directory Connection Settings window will open.

a.

Type the Active Directory domain name for the domain you wish to add in the AD
Domain Name field.

b.

In the User Container field, specify the name of the container to search for user accounts.
This will limit the search scope to that container. The name may be entered in several
forms, optionally including a sub-domain. Valid forms are explained below by example.

Assume an Active Directory domain name of “sunrise.mycompany.com” with users in
subfolder “sun/myusers.” The User Container field may be entered as:

Example 1 (no sub-domain): “sun.myusers”

Example 2 (no sub-domain): “ou=myusers,ou=sun”

If users are contained in a sub-domain such as “mktg.sunrise.mycompany.com”, valid
forms are:

Example 1 (with sub-domain): “mktg.sunrise.mycompany.com/sun/myusers”

Example 2 (with sub-domain and no container specified):
“mktg.sunrise.mycompany.com/”

Example 3 (with sub-domain):
“ou=myusers,ou=sun,dc=mktg,dc=sunrise,dc=mycompany,dc=com”

c.

In the Group Container field, specify the name of the container to search for user groups.
This will limit the search scope to that container. The name may be entered in several
forms, optionally including a sub-domain. Valid forms are explained in step 5b above.

d.

In the Username Type menu, select the type of username. Each choice in the menu
contains an example.

A Full Windows 2000 username is specified as username@domain.