Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring an Infranet Controller Active Directory or NT Domain Server Instance (NSM Procedure)

    The Infranet Controller supports Windows NT authentication and Active Directory using NTLM or Kerberos authentication. When authenticating users with an NT Primary Domain Controller (PDC) or Active Directory, users sign into the Infranet Controller using the same username and password they use to access their Windows desktops.

    To configure an Active Directory or Windows NT domain server instance:

    1. In the NSM navigation tree, select Device Manager> Devices.
    2. Click the Device Tree tab, and then double-click the Infranet Controller for which you want to configure an Active Directory or NT domain server instance.
    3. Click the Configuration tab. In the configuration tree, select Authentication > Auth Servers.
    4. Add or modify an Active Directory or NT domain server instance as specified in Table 1.
    5. Click one:
      • OK—Saves the changes.
      • Cancel—Cancels the modifications.

    Table 1: Active Directory or NT Domain Instance Configuration Details

    OptionFunctionYour Action

    Auth Server Name

    Specifies a name for the auth server.

    Enter a name for the auth server.

    Auth Server Type

    Specifies the auth server type.

    Select AD/NT Server.

    AD/NT Settings > General tab

    Primary Domain Controller or Active Directory

    Specifies the name or IP address for the primary domain controller or Active Directory server.

    Enter the name or IP address.

    Secondary Domain Controller or Active Directory

    Specifies the name or IP address for the backup domain controller or Active Directory server.

    Enter the name or IP address.

    Domain

    Specifies the domain name of the Active Directory or Windows NT server.

    Enter the domain name of the Active Directory or Windows NT domain.

    Note: For example, if the Active Directory domain name is us.amr.asgqa.net and you want to authenticate users who belong to the US domain, enter US as the domain.

    Allow domain to be specified as part of username

    Allows users to sign in by entering a domain name in the Username box in the format: “domain\username.”

    Select AD/NT Settings > General > Allow domain to be specified as part of username to enable this feature.

    Allow trusted domains

    Allows users to get group information from all trusted domains within a forest.

    Select AD/NT Settings > General >Allow trusted domains to enable this feature.

    Admin Username

    Specifies an administrator username for the Active Directory or NT server.

    Enter an administrator username for the Active Directory or NT server.

    Admin Password

    Specifies an administrator password for the Active Directory or NT server.

    Enter an administrator password for the Active Directory or NT server.

    Kerberos (most secure)

    Allows the Infranet Controller to send user credentials to Kerberos.

    Select AD/NT Settings > General >Kerberos (most secure) to enable this feature.

    NTLMV2 (moderately secure)

    Allows the Infranet Controller to send user credentials to NTLMv2.

    Select AD/NT Settings > General >NTLMV2 (moderately secure) to enable this feature.

    NTLMV1 (least secure)

    Allows the Infranet Controller to send user credentials to NTLMv1.

    Select AD/NT Settings > General >NTLMV1 (least secure) to enable this feature.

    Use LDAP to get Kerberos realm name

    Allows the Infranet Controller to retrieve the Kerberos realm name from the Active Directory server using the specified administrator credentials.

    Select AD/NT Settings > General >Specify Kerberos realm name to enable this feature.

    Specify Kerberos realm name

    Specifies Kerberos realm name.

    Enter the name.

    AD/NT Settings > Advanced tab

    User may belong to Domain Local Groups across trust boundaries

    Specifies that the selected user belongs to the Domain Local Groups who honor trust relationships in Active Directory.

    Select AD/NT Settings > Advanced > User may belong to Domain Local Groups across trust boundaries to enable this feature.

    Container Name

    Specifies the name that the Infranet Controller uses to join the specified Active Directory domain as a computer.

    Enter the computer name.

    Server Catalog > Expressions tab

    Name

    Allows you to enter a name for the user expression in the Active Directory or NT Domain server user directory.

    Enter a name for the user expression.

    Value

    Allows you to enter a value for the user expression in the Active Directory or NT domain server user directory.

    Enter the value for the user expression.

    Server Catalog > Groups tab

    Name

    Specifies the name of the group.

    Enter the name for the user group.

    Group

    Specifies the admin domain local groups information.

    Enter the name for the admin domain local group.

    AD Group

    Specifies the group that contains the administrators to enable centralized administration in an Active Directory domain.

    Enter the name for the administrators Active Directory group.

    Published: 2012-11-28