Active Directory server

Using Microsoft Active Directory, you can register the firewall as a Windows domain and create an object for it on the primary domain controller. The firewall can then query user and resource information on the Windows domain network.

Tip: You can import Active Directory user groups through the import group wizard. Go to Authentication > Servers and click for the Active Directory server. If a user is a member of more than one group, the policies of the first matching group will apply.

Note: When users sign in for the first time, they are added to these groups under these conditions:

  • Default group: When they are members of a group that hasn’t yet been imported.
  • Open group: When they are part of an OU (organizational unit) but aren’t part of a directory group.

General settings

Server IP/domain
Server IP address or domain.
Port
Server port.
NetBIOS domain
NetBIOS domain for the server.
ADS username
User name for the admin user of the server.
Password
Password for the admin user of the server.
Connection security
Connection security for the server.
Note: Using encryption is recommended.
  • Simple: Send user credentials as unencrypted plain text.
  • SSL/TLS: Use Secure Sockets Layer/Transport Layer Security to encrypt the connection.
  • STARTTLS: Upgrade a non-encrypted connection by wrapping it with SSL/TLS after or during the connection process. Uses the default port.
Validate server certificate
When using a secured connection, validates the certificate on the external server.
Display name attribute
Name for the server, which is displayed to the user as the server user name.
Email address attribute
Alias for the configured email address, which is displayed to the user.
Domain name
Domain name for which the query is to be added.
Search queries
Queries to execute on the server.

Click Add and create an LDAP query. Refer to LDAP Query Basics and LDAP Query Examples for more information.
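The following pre-flight check for the Connection security, Validate server certificate, Domain name and Search queries settings is an added example, not code from the product or its documentation. It reviews a server definition before it is entered in the form, with a weak definition beside a corrected one. The dict keys are hypothetical names mirroring the field labels, the sample values are constructed, and treating each search query as a base DN under the domain is an assumption.

```python
import re

# Conventional LDAP ports: 389 for plain LDAP and STARTTLS, 636 for LDAP over SSL/TLS.
CONVENTIONAL_PORT = {"simple": 389, "starttls": 389, "ssl/tls": 636}
LABEL = re.compile(r"^[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def search_base(domain_name):
    """Turn a DNS domain name into the matching base DN (DC=...,DC=...)."""
    labels = domain_name.strip().rstrip(".").split(".")
    if len(labels) < 2 or not all(LABEL.match(lab) for lab in labels):
        raise ValueError(f"not a valid DNS domain name: {domain_name!r}")
    return ",".join(f"DC={lab}" for lab in labels)


def audit_ad_server(cfg):
    """Return (severity, message) findings; keys are hypothetical field names."""
    security = cfg.get("connection_security", "").lower()
    if security not in CONVENTIONAL_PORT:
        return [("error", f"unknown connection security {security!r}")]
    findings = []
    if security == "simple":
        findings.append(("high", "Simple sends the ADS username and password as plain text"))
    elif not cfg.get("validate_server_certificate", False):
        findings.append(("high", f"{security.upper()} without certificate validation "
                                 "encrypts but does not authenticate the server"))
    expected = CONVENTIONAL_PORT[security]
    if cfg.get("port") != expected:
        findings.append(("info", f"port {cfg.get('port')} is not the conventional "
                                 f"{expected} for {security.upper()}"))
    try:
        base = search_base(cfg.get("domain_name", "")).lower()
    except ValueError as exc:
        return findings + [("error", str(exc))]
    for query in cfg.get("search_queries", []):
        # Assumption: each search query is a base DN that should sit under the domain.
        if not query.replace(" ", "").lower().endswith(base):
            findings.append(("info", f"search query {query!r} is outside {base.upper()}"))
    return findings


# Constructed sample definitions (not taken from any real deployment).
WEAK = {"server": "192.0.2.10", "port": 389, "connection_security": "Simple",
        "domain_name": "corp.example.com",
        "search_queries": ["OU=Staff,DC=corp,DC=example,DC=com"]}
HARDENED = dict(WEAK, port=636, connection_security="SSL/TLS",
                validate_server_certificate=True)

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ad_server(cfg) or "no findings")
```
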