Cisco Cisco Web Security Appliance S170 사용자 가이드
N T L M A U T H E N T I C A T I O N S E T T I N G S
C H A P T E R 1 7 : A U T H E N T I C A T I O N
397
NTLM Authentication Settings
Table 17-15 describes the authentication settings you define when you choose NTLM
authentication.
authentication.
Table 17-15 NTLM Authentication Settings
Setting
Description
Active Directory Server
Enter the Active Directory server IP address or host name. You can
specify up to three servers.
The host name must be a fully-qualified domain name. For example,
specify up to three servers.
The host name must be a fully-qualified domain name. For example,
ntlm.example.com
. An IP address is required only if the DNS
servers configured on the appliance cannot resolve the Active Directory
server host name.
Note: When multiple authentication servers are configured in the realm,
the appliance attempts to authorize with up to three authentication
servers before failing to authorize the transaction within this realm.
server host name.
Note: When multiple authentication servers are configured in the realm,
the appliance attempts to authorize with up to three authentication
servers before failing to authorize the transaction within this realm.
Active Directory Account
Enter the following Active Directory account information:
• Active Directory server domain name.
• NetBIOS domain name. You only need to enter the NetBIOS domain
• Active Directory server domain name.
• NetBIOS domain name. You only need to enter the NetBIOS domain
name if the network uses NetBIOS. This field only appears when the
NTLM security mode is set to “domain” using the
NTLM security mode is set to “domain” using the
setntlmsecuritymode
CLI command.
• Computer account location.
Note: You must click Join Domain to enter an Active Directory username
and password.
For more information about entering the Active Directory account
information, see “Joining the Active Directory Domain” on page 398.
Note: You must click Join Domain to enter an Active Directory username
and password.
For more information about entering the Active Directory account
information, see “Joining the Active Directory Domain” on page 398.
Join Domain button
(Active Directory User)
(Active Directory User)
When you click Join Domain, enter the name and password for the
Active Directory user.
If the appliance and the Active Directory server are in the same domain,
any valid user that is a member of User Domain is allowed.
However, depending on the Active Directory server configuration, this
user might need Domain Admin Group or Enterprise Admin Group
credentials. For example:
• If the appliance and the Active Directory server are not in the same
Active Directory user.
If the appliance and the Active Directory server are in the same domain,
any valid user that is a member of User Domain is allowed.
However, depending on the Active Directory server configuration, this
user might need Domain Admin Group or Enterprise Admin Group
credentials. For example:
• If the appliance and the Active Directory server are not in the same
domain, the Active Directory user must be a member of the Domain
Admin Group.
Admin Group.
• If the Active Directory server configuration is a forest, the Active
Directory user must be a member of the Enterprise Admin Group.