User accounts in active directory - domain mapping, User accounts in active directory — domain mapping, Chapter – Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual
Page 204
Chapter 15
User Accounts and Groups
204
Figure 15.9
Import of accounts from Active Directory
Figure 15.10
Importing accounts from the Windows NT domain
15.4 User accounts in Active Directory — domain mapping
In WinRoute, it is possible to directly use user accounts from one or more Active Directory
domain(s). This feature is called either transparent support for Active Directory or Active
Directory domain(s) mapping. The main benefit of this feature is that the entire administration
of all user accounts and groups is maintained in Active Directory only (using standard system
tools). In WinRoute, a template can be defined for each domain that will be used to set specific
WinRoute parameters for user accounts (access rights, data transfer quotas, content rules —
see chapter
). If needed, these parameters can also be set individually for any accounts.
Note: The Windows NT domain cannot be mapped as described. In case of the Windows NT
domain, it is recommended to import user accounts to the local user database (refer to
Domain mapping requirements
The following conditions must be met to enable smooth functionality of user authentication
through Active Directory domains:
•
For mapping of one domain:
1.
The WinRoute host must be a member of the corresponding Active Directory do-
main.
2.
Hosts in the local network (user workstations) should use the WinRoute’s DNS
forwarder as the primary DNS server, because it can process queries for Active