Cisco Cisco Web Security Appliance S170 Guía Del Usuario
20-53
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 20 Authentication
NTLM Authentication
Joining the Active Directory Domain
When you configure an NTLM realm, you must enter information to join the
Active Directory domain to set up a computer account in the domain. An Active
Directory computer account is an account that uniquely identifies the computer on
the domain. It is also referred to as a machine trust account.
Active Directory domain to set up a computer account in the domain. An Active
Directory computer account is an account that uniquely identifies the computer on
the domain. It is also referred to as a machine trust account.
After you enter the Active Directory account information in the authentication
realm, click the Join Domain button to set up a computer account. Use the
Location field to define the organizational directory where AsyncOS should
create the computer account in the Active Directory domain.
realm, click the Join Domain button to set up a computer account. Use the
Location field to define the organizational directory where AsyncOS should
create the computer account in the Active Directory domain.
shows where you join an Active Directory domain.
Join Domain
button
button
(Active Directory
User)
User)
When you click Join Domain, enter the name and password
for the Active Directory user.
for the Active Directory user.
If the appliance and the Active Directory server are in the
same domain, any valid user that is a member of User
Domain is allowed.
same domain, any valid user that is a member of User
Domain is allowed.
However, depending on the Active Directory server
configuration, this user might need Domain Admin Group or
Enterprise Admin Group credentials. For example:
configuration, this user might need Domain Admin Group or
Enterprise Admin Group credentials. For example:
•
If the appliance and the Active Directory server are not
in the same domain, the Active Directory user must be
a member of the Domain Admin Group.
in the same domain, the Active Directory user must be
a member of the Domain Admin Group.
•
If the Active Directory server configuration is a forest,
the Active Directory user must be a member of the
Enterprise Admin Group.
the Active Directory user must be a member of the
Enterprise Admin Group.
Network Security Configure whether or not the Active Directory server is
configured to require signing. When you enable this check
box, the appliance uses Transport Layer Security (TLS)
when communicating with the Active Directory server.
box, the appliance uses Transport Layer Security (TLS)
when communicating with the Active Directory server.
Setting
Description