Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Authentication with active directory

seaweed_
Occasional Contributor
‎04-01-2009 04:33:AM
‎04-01-2009 04:33:AM

Authentication with active directory

I trying to configure external authentication for users with active directory and i want to configure the ssl to check with active direcory if the user is a member of it.Any ideas on how to do this?

Thank you

0 Kudos
4 REPLIES 4
muttbarker_
Valued Contributor
‎04-01-2009 06:45:AM
‎04-01-2009 06:45:AM

Re: Authentication with active directory

Hey Seaweed - it is still early in California, so I may be reading your question wrong It sounds like you are just looking to do basic authentication using your AD server. The steps are very straightforward if that is what you are asking. You would define an auth-server using your AD server as the specified device.

You would then either modify a already existing realm (like the default one of users) or create a new one and specify the previously defined auth-server to be used for authentication for that realm.

You could then also use that same AD server for authorization, or use another server for that piece. I personally always prefer to use LDAP (against AD) due to the flexibility you have with it.

If I misread your question - sorry -

0 Kudos
seaweed_
Occasional Contributor
‎04-01-2009 07:04:AM
‎04-01-2009 07:04:AM

Re: Authentication with active directory

the customer allready has another ssl vpn appliance which will be replaced by an SA.going quickly through the web interface i saw

CN=xx 01 DIALIN USERS,OU=Groups,OU=GR,DC=xxxxx,DC=xxxxxx,[email protected] A. ihave never configured previously active directory.is this something tha will be needed in the config?

0 Kudos
muttbarker_
Valued Contributor
‎04-01-2009 07:33:AM
‎04-01-2009 07:33:AM

Re: Authentication with active directory

The data you show in your post is LDAP data refering to fields within the AD directory. You may (or may not) need to establish an LDAP Auth-server (pointing to the AD box) if you want to use anything other than "Groups" for determing role assigment. AD on the SSL box can be used for both authentication and authorization but as I said before you are better off using LDAP for the authorization part.

I would start simple -setup an auth-server using the AD box - assign it to a realm - do a generic role map like username=* so that you can confirm that authentication works for you and then move on to more complex role mapping, first using AD Groups and then once you are comfortable with that - add a second auth-server that points back to the AD server but using LDAP.

It sounds like you are not that familiar with the SSL box or LDAP. You might want to pick up "Juniper Networks Secure Access SSL VPN" configuration guide from Syngress Publishing. It is a good basic book that really walks you through all of this stuff and I think you can get it in e-book format (read online).

0 Kudos
DougR_
Contributor
‎04-01-2009 08:03:AM
‎04-01-2009 08:03:AM

Re: Authentication with active directory

It sounds like you would just create an auth-server using AD as normal. Then in the role mapping have the SA place users in the DIALIN USERS group into the desired role.
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.