Operation: Add Active Directory Server / Test Active Directory Server / Edit Active Directory Server
Description: Creates, edits, or tests an Active Directory server. The appliance uses it to authenticate users against Active Directory.

Sample Configuration
<AuthenticationServer>
  <ActiveDirectory>
    <!-- For Active Directory -->
    <ServerName>name</ServerName>
    <ServerAddress>ipaddress</ServerAddress>
    <Port>port</Port>
    <NetBIOSDomain>name</NetBIOSDomain>
    <ADSUsername>username</ADSUsername>
    <Password>password</Password>
    <ConnectionSecurity>Simple/SSL/StartTLS</ConnectionSecurity>
    <ValidCertReq>Enable/Disable</ValidCertReq>
    <IntegrationType>LooseIntegration/TightIntegration</IntegrationType>
    <!-- Only for tight integration -->
    <DisplayNameAttribute>Text</DisplayNameAttribute>
    <EmailAddressAttribute>Text</EmailAddressAttribute>
    <DomainName>name</DomainName>
    <SearchQueries>
      <Query>Text</Query>
      :
    </SearchQueries>
  </ActiveDirectory>
</AuthenticationServer>



Parameter   Mandatory   Default   Description
ServerName   Yes
Specify a name for identifying the Server.
ServerName must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Maximum characters allowed are 50.
  • UTF-8 character(s) are allowed.
ServerIpDomain/ServerAddress   Yes
Specify IP Address of the Server.
ServerIpDomain/ServerAddress must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'IPADDRESS','IPADDRESS6','DOMAIN'.
  • Maximum characters allowed are 255.
  • IP Class other than 'MULTICAST', 'RESERVED', 'LOCALHOST', 'UNSPECIFIED', 'BROADCAST', 'LINKLOCAL' is allowed.
Port   Yes   389
Specify the port number through which the Server communicates.
Port must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'INTEGER'.
  • Allowed port range: 1 to 65535
ServerName/NetBIOSDomain   Yes
Specify NetBIOS Domain name.
ServerName/NetBIOSDomain must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Maximum characters allowed are 100.
  • UTF-8 character(s) are allowed.
ADSUsername/Administrator/Username   Yes
Specify admin username to access ADS.
ADSUsername/Administrator/Username must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Character not allowed: Comma (,)
  • Maximum characters allowed are 100.
  • UTF-8 character(s) are allowed.
Password   No
Specify admin password to access ADS.
Password must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 50.
ConnectionSecurity   Yes
Select the type of Connection Security used for sending the Username and Password to the external Server. Available options: Simple, SSL or STARTTLS.
ConnectionSecurity must conform to:
  • Type is 'SCALAR'.
  • Only 'Simple', 'SSL', 'StartTLS' are allowed.
ValidCertReq/ValidateServerCertificate   No
Select to validate the certificate of the external Server.
ValidCertReq/ValidateServerCertificate must conform to:
  • Type is 'SCALAR'.
  • Only 'Enable', 'Disable' are allowed.
IntegrationType   No
Select the integration type used for setting the user group membership. Available options: Loose Integration or Tight Integration.
IntegrationType must conform to:
  • Type is 'SCALAR'.
  • Only '1' is allowed.
DisplayNameAttribute   No
Specify the name to be displayed to the user for the ADS.
DisplayNameAttribute must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 30.
EmailAddressAttribute   No   mail
Specify the name to be displayed to the user for the configured Email Address.
EmailAddressAttribute must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 30.
DomainName   Yes
Specify the Domain name to which the query is to be added.
DomainName must conform to:
  • Type is 'SCALAR'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 50.
Query   No
Specify Search Query.
Query must conform to:
  • Type is 'ARRAY'.
  • Datatype is 'STRING'.
  • Maximum characters allowed are 255.
  • Multiple values are allowed.
ServerType   Yes
Select Server type from the available options: LDAP Server, Active Directory or RADIUS Server.
ServerType must conform to:
  • Type is 'SCALAR'.
  • Only '1' is allowed.
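
The following pre-submission check is an added example, not part of the vendor documentation or the appliance's own code. It applies the length, comma, port and enumeration limits from the table above to an <AuthenticationServer> body, and warns when ConnectionSecurity is Simple or certificate validation is not enabled. It assumes <ActiveDirectory> is a direct child of the root element; the function name, message strings and sample values are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# (mandatory, max length) per element, transcribed from the parameter table.
LIMITS = {"ServerName": (True, 50), "ServerAddress": (True, 255),
          "NetBIOSDomain": (True, 100), "ADSUsername": (True, 100),
          "Password": (False, 50), "DisplayNameAttribute": (False, 30),
          "EmailAddressAttribute": (False, 30), "DomainName": (True, 50)}
NO_COMMA = {"ServerName", "NetBIOSDomain", "ADSUsername"}

def audit_ad_server(xml_text):
    """Return (errors, warnings) for one <AuthenticationServer> request body."""
    ad = ET.fromstring(xml_text).find("ActiveDirectory")
    if ad is None:
        return ["no <ActiveDirectory> element"], []
    errors, warnings = [], []
    get = lambda tag: (ad.findtext(tag) or "").strip()
    for tag, (mandatory, max_len) in LIMITS.items():
        value = get(tag)
        if mandatory and not value:
            errors.append(f"{tag}: mandatory value missing")
        if len(value) > max_len:
            errors.append(f"{tag}: longer than {max_len} characters")
        if tag in NO_COMMA and "," in value:
            errors.append(f"{tag}: comma not allowed")
    port = get("Port")
    if not (port.isascii() and port.isdigit() and 1 <= int(port) <= 65535):
        errors.append("Port: must be an integer from 1 to 65535")
    for query in ad.findall("SearchQueries/Query"):
        if len(query.text or "") > 255:
            errors.append("Query: longer than 255 characters")
    security, cert = get("ConnectionSecurity"), get("ValidCertReq")
    if security not in ("Simple", "SSL", "StartTLS"):
        errors.append("ConnectionSecurity: must be Simple, SSL or StartTLS")
    elif security == "Simple":
        # Editor's assumption: Simple means the bind is not wrapped in TLS.
        warnings.append("ConnectionSecurity=Simple: credentials sent without TLS")
    elif cert != "Enable":
        warnings.append("ValidCertReq is not set to Enable")
    if cert not in ("", "Enable", "Disable"):
        errors.append("ValidCertReq: must be Enable or Disable")
    return errors, warnings

# Constructed sample requests (all values are placeholders, not from the page).
TEMPLATE = ("<AuthenticationServer><ActiveDirectory><ServerName>dc01</ServerName>"
            "<ServerAddress>192.0.2.10</ServerAddress><Port>{port}</Port>"
            "<NetBIOSDomain>EXAMPLE</NetBIOSDomain><ADSUsername>svc-fw</ADSUsername>"
            "<ConnectionSecurity>{sec}</ConnectionSecurity><ValidCertReq>{cert}</ValidCertReq>"
            "<DomainName>example.test</DomainName></ActiveDirectory></AuthenticationServer>")
WEAK = TEMPLATE.format(port=389, sec="Simple", cert="Disable")
HARDENED = TEMPLATE.format(port=636, sec="SSL", cert="Enable")
```
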



Operation   Status   Message
Add Active Directory Server   200
Add Active Directory Server   500
Add Active Directory Server   502
Add Active Directory Server   503
Test Active Directory Server   200
Test Active Directory Server   500
Test Active Directory Server   541
Test Active Directory Server   542
Test Active Directory Server   543
Edit Active Directory Server   200
Edit Active Directory Server   500
Edit Active Directory Server   503


© Copyright 2019 Sophos Firewall Limited. All rights reserved.
Sophos Firewall is a registered trademark of Sophos Firewall Limited and Sophos Firewall Group. All other product and company names mentioned are trademarks or registered trademarks of their respective owners.