Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

15.4 User accounts in Active Directory — domain mapping

205

Directory and forward them to the corresponding domain server. If another DNS

server is used, user authentication in the Active Directory may not work correctly.

•

For mapping of multiple domains:

1.

The WinRoute host must be a member of one of the mapped domains. This domain

will be set as primary.

2.

It is necessary that the primary domain trusts any other domains mapped in

WinRoute (for details, see the documentation regarding the operating system on

the corresponding domain server).

3.

For DNS configuration, the same rules as in mapping of a single domain are ap-

plied (the WinRoute’s DNS forwarder is the best option ).

Domain mapping settings

To set Active Directory domain mapping, go to:

•

the Administration Console, section Users and groups → Users, the Active Directory
tab,

•

in the Web Administration interface, section Users and Groups → Domains and authen-
tication, the Active Directory.

Connecting the firewall to a domain (Software Appliance / VMware Virtual Appliance)

The upper section of the Active Directory tab provides information about domain membership

of the firewall’s host.

In the Software Appliance / VMware Virtual Appliance edition, it is possible to add the firewall

to a domain, change domain membership or disconnect the firewall from the domain.

This can be done in the easy-to-use wizard.

Figure 15.11

Adding firewall to a domain