Configuring the Connection to an Active Directory
You can configure up to 100 Microsoft Active Directories as user information sources for Juniper Identity Management Service.
Before you begin, you need the following information:
- The hostname or IP address of the Active Directory
- The username and password that you configured for the limited permission user account for Active Directories
If you delete an Active Directory from the JIMS server, the corresponding users and groups will continue to appear in the CSO UI for an additional period of time (approximately two hours). Those users and groups will eventually be removed from the CSO UI.
The users and groups associated with the deleted Active Directory will not be removed until you restart the JIMS server.
To configure a connection to an Active Directory:
- In the navigation pane, select Data Sources and then select the Info Sources tab.
- In the upper Active Directory Sources pane, click Add. The Add Active Directory Configuration page appears.
- If you can use the same Active Directory source configuration on multiple data sources, select one of the available templates from the Templates list to support the grouping of an information source configuration. See Configuring Data Source Templates for details on creating a data source template.
- In the Add Active Directory Configuration page, do the
- Type a description of the Active Directory.
- Type the hostname or IPv4 address of the Microsoft Active Directory.
- Type the username credential (Login ID) for Juniper Identity Management Service to use to authenticate with the Active Directory. This is the username credential that you configured for the limited permission user account for Active Directories.
- Type the password credential for Juniper Identity Management Service to use to authenticate with the Active Directory. This is the password credential that you configured for the limited permission user account for Active Directories.
- Keep the Yes option button selected to specify that the JIMS server uses a Secure Sockets Layer (SSL) connection to communicate with the Active Directory. The default setting is Yes. If you select the No option button, the JIMS server uses an Active Directory Service Interfaces (ADSI) connection between it and the Active Directory.
The ADSI connection is not encrypted. This option is not recommended.
- To edit the info source, hold down the Control key and click Edit, or hold down the Control key and double-click the entry that you want to edit. The deltas appear with a white background until you save them.
- Click OK to save the settings.