User Tools

Site Tools


active_directory

This is an old revision of the document!


Active Directory Integration

This is the up to date process of integrating your eFa 4.0 with Active Directory.

AD Authentication Integration

This guide will go through the step's necessary for you to setup mailwatch to authenticate against a Secure Active Directory Server. this makes administration easier and seamlessly allows your users to login to their quarantine folders.

Preparing your AD Server

This will go over creating a bind user with least privilege and if exporting the root CA for LDAPS use.

Creating Bind User

Everything I have ever read on best practice for creating a bind user account is using a simple domain user and disabling interactive login. That has never worked for me. I also have to delegate one permission. To do this, open Active Directory Users and Computers, right click on the domain, and select “Delegate Control…” Click “Next”, then select the user that you are using for the LDAP bind and click “Next”. The permission that they will need is on the next screen “Read all inetOrgPerson information.” After this step I am able to use the account for ldap binding.

Setting up Secure LDAP

  • Adding root Certificate to eFa
  • Verifying certificate trust

Config Changes in eFa

active_directory.1586621069.txt.gz · Last modified: 2020/04/11 16:04 by smyers119