This is an old revision of the document!
Table of Contents
Active Directory Integration
This is the up to date process of integrating your eFa 4.0 with Active Directory.
AD Authentication Integration
This guide will go through the step's necessary for you to setup mailwatch to authenticate against a Secure Active Directory Server. this makes administration easier and seamlessly allows your users to login to their quarantine folders.
Preparing your AD Server
This will go over creating a bind user with least privilege and if exporting the root CA for LDAPS use.
Creating Bind User
Everything I have ever read on best practice for creating a bind user account is using a simple domain user and disabling interactive login. That has never worked for me. I also have to delegate one permission. To do this, open Active Directory Users and Computers, right click on the domain, and select “Delegate Control…” Click “Next”, then select the user that you are using for the LDAP bind and click “Next”. The permission that they will need is on the next screen “Read all inetOrgPerson information.” After this step I am able to use the account for ldap binding.
Setting up Secure LDAP
- Adding root Certificate to eFa
- Verifying certificate trust