Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual
Page 203
15.3 Local user database: external authentication and import of accounts
203
15.3 Local user database: external authentication and import of accounts
User in the local database can be authenticated either at the Active Directory domain or at the
Windows NT domain (see chapter
, step one). To apply these authentication methods, the
WinRoute host must belong to the corresponding domain.
If WinRoute is installed on Windows, the host can be added to the domain or domain member-
ship can be changed only in the operating system (in the computer properties).
In the Software Appliance / VMware appliance edition, domain membership can be set right in
the firewall’s administration:
•
in the Web Administration interface, section Domains and authentication, the Active
Directory tab.
•
the Administration Console, section Users, the Active Directory tab.
WinRoute in Software Appliance / VMware Virtual Appliance can be connected only to the
Active Directory domain, never to the Windows NT domain.
Importing user accounts
To the local user database, you can import selected accounts from theActive Directory or the
Windows NT domain (import from Windows NT is available only in WinRoute on Windows).
Each import of a user account covers creating of a local account with the identical name and
the same domain authentication parameters. Specific WinRoute parameters (such as access
rights, content rules, data transfer quotas, etc.) can be set by using the template for the local
user database (see chapter
) or/and they can be defined individually for special accounts.
The Active Directory / Windows NT authentication type is set for all accounts imported..
Note: This method of user accounts import is recommended especially when Windows NT
domain is used (domain server with the Windows NT Server operating system). If Active Direc-
tory domain is used, it is easier and recommended to use the transparent support for Active
Directory (domain mapping — see chapter
To import user accounts, click on the Import button below the list of user accounts (as Domain,
Local user database must be used, otherwise the button is inactive).
In the import dialog, select the type of the domain from which accounts will be imported and,
with respect to the domain type, specify the following parameters:
•
Active Directory — for import of accounts, Active Directory domain name, DNS name
or IP address of the domain server as well as login data for user database reading (any
account belonging to the domain) are required.
•
NT domain — domain name is required for import. The WinRoute host must be a mem-
ber of this domain.
Note: Import of user accounts from Windows NT is available only in WinRoute on
Windows.
When connection with the corresponding domain server is established successfully, all ac-
counts in the selected domain are listed. When accounts are selected and the selection is
confirmed, the accounts are imported to the local user database.