Configure a Novell eDirectory compatible STAS
Sophos Firewall supports single sign-on (SSO) authentication for Novell's eDirectory through Sophos Transparent Authentication Suite (STAS). Once users are authenticated, STAS grants them access to resources.
Introduction
In this example, you want to configure STAS and Sophos Firewall to authenticate users with the Novell eDirectory server.
Configure Novell eDirectory settings in STAS
- Sign in to the server with the STAS application using the administrator credentials.
- Start STAS from the desktop or Start menu.
- Go to General > Monitored Domains.
- For Domain Type, select Novell eDirectory.
- Click the ellipses button [...] to open the Novell eDirectory Configuration window.
- Specify the following example settings:

| Parameter | Value | Description |
|---|---|---|
| IP address | 192.168.2.10 | IP address of the eDirectory server. |
| Port | 389 | The port on which STAS will communicate with eDirectory. Secure LDAP port 636 isn't supported. |
| Base DN | o=sophos | The top level of the LDAP directory tree. |
| Admin DN | cn=administrator,o=sophos | The administrator's identification. |
| Password | Sophos123! | The administrator's password. |

- Click Test Connection to test the connectivity with the server.
- Click OK.
- Go to STA Agent and select EDIRECTORY as the STA Agent mode.
- Go to Monitored Networks, click Add, and enter the networks to be monitored.
- Go to STA Collector > Sophos Appliances and click Add.
- Enter the IP addresses of the Sophos Firewall appliances in the network.
- Click OK.
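The Port setting in the table above is plain LDAP on 389, and secure LDAP on 636 isn't supported, so the following added example (not Sophos or STAS code) shows what a bind with the Admin DN looks like on the wire and how to check a captured bind for it. It assumes STAS authenticates to eDirectory with an LDAP simple bind, which this page doesn't state; the function names are hypothetical and the sample message is constructed from the example values in the table.

```python
# Added example (not Sophos code). Assumption: STAS uses an LDAP simple bind.

def _tlv(tag: int, value: bytes) -> bytes:
    """BER-encode one tag-length-value with a definite length."""
    n = len(value)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + value

def build_simple_bind(dn: str, password: str, msg_id: int = 1) -> bytes:
    """Build an LDAPv3 BindRequest (RFC 4511, 4.2) using simple authentication."""
    bind = _tlv(0x02, b"\x03") + _tlv(0x04, dn.encode()) + _tlv(0x80, password.encode())
    return _tlv(0x30, _tlv(0x02, bytes([msg_id])) + _tlv(0x60, bind))

def _read(buf: bytes, pos: int):
    """Decode the TLV at pos and return (tag, value, next_pos)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:  # long form: low 7 bits give the number of length bytes
        k = first & 0x7F
        n = int.from_bytes(buf[pos:pos + k], "big")
        pos += k
    else:
        n = first
    if pos + n > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + n], pos + n

def inspect_bind(message: bytes) -> dict:
    """Report how a captured BindRequest authenticates, without echoing the secret."""
    tag, body, _ = _read(message, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = _read(body, 0)            # skip messageID
    tag, op, _ = _read(body, pos)
    if tag != 0x60:
        raise ValueError("not a BindRequest")
    _, version, pos = _read(op, 0)
    _, dn, pos = _read(op, pos)
    auth_tag, cred, _ = _read(op, pos)
    simple = auth_tag == 0x80             # [0] simple; 0xA3 would be [3] SASL
    return {"version": version[0], "dn": dn.decode(), "simple_auth": simple,
            "password_in_clear": simple and len(cred) > 0,
            "password_length": len(cred) if simple else None}

# Constructed sample using the example Admin DN and password from the settings table.
SAMPLE = build_simple_bind("cn=administrator,o=sophos", "Sophos123!")
print(inspect_bind(SAMPLE))
```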
Configuring Sophos Firewall
- Sign in to the command line using Telnet or SSH. You can also access it from admin > Console in the upper-right corner of the web admin console.
- Choose option 4. Device Console.
- Enter the following commands:

    system auth cta disable
    system auth cta enable
    system auth cta collector add collector-ip <ipaddress> collector-port <port number> create-new-collector-group
    system auth cta show