active_directory
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
active_directory [2020/04/10 15:21] – smyers119 | active_directory [2020/04/11 16:19] – smyers119 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Active Directory Integration ====== | ====== Active Directory Integration ====== | ||
- | This is the up to date process of integrating your eFa 4.0 with Active Directory. | + | This is the up to date process of integrating your eFa 4.0 with Active Directory. |
- | ===== Preparing your AD Server ===== | + | ===== AD Authentication Integration ===== |
+ | This guide will go through the step's necessary for you to setup mailwatch to authenticate against a Secure Active Directory Server. | ||
+ | ==== Preparing your AD Server ==== | ||
+ | This will go over creating a bind user with least privilege and if exporting the root CA for LDAPS use. | ||
+ | === Creating Bind User === | ||
+ | Everything I have ever read on best practice for creating a bind user account is creating a simple domain user and disabling interactive login. | ||
+ | === Setting up Secure LDAP === | ||
+ | This is a important step. If you don't use Secure LDAP then the password of the bind user is transmitted in plain text. I am not going to go over how to create a PKI environment in windows. | ||
- | ==== Creating Bind User ==== | + | |
- | + | ||
- | ==== Setting up Secure LDAP ==== | + | |
- | + | ||
- | * Creating Certificate | + | |
- | + | ||
- | | + | |
+ | * Verifying certificate trust | ||
+ | ==== Config Changes in eFa ==== | ||
+ | Editing the config in / | ||
+ | < | ||
+ | // LDAP Settings | ||
+ | define(' | ||
+ | define(' | ||
+ | define(' | ||
+ | define(' | ||
+ | define(' | ||
+ | define(' | ||
+ | define(' | ||
+ | </ | ||
active_directory.txt · Last modified: 2020/04/11 16:29 by smyers119