contentACCESS Remote File archiving – version Orion

3.4.Active Directory tab

Active Directory integration settings
The remote agent needs to access Active Directory in order to be able to provision local Active Directory users to contentACCESS. During the provisioning process, the local users are re-created in contentACCESS with External Active Directory authentication. This will allow the users to log in to contentACCESS using their local AD credentials.

Enter the required LDAP server name. If explicit credentials need to be used to connect to the active directory, check the Use explicit credentials checkbox and click on Set credentials… on the right.

Enter the credentials and then click on Check credentials to verify if they are valid. If yes, click OK.

Click on Check Active Directory connection to see, if everything was set correctly.

During the provisioning, External Active Directory type logins are created for users of the selected groups. To allow the users to log in to contentACCESS using their local AD account, the authentication provider (contentACCESSWS) must be installed into the local domain and must be accessible for contentACCESS from outside. The external URL of the authentication proxy should be set here (for example: https://caAuth.company.com:981). Please note, that this public URL must be then forwarded to the machine (and port), where contentACCESSWS was installed and through which contentACCESS can reach the service. The URL must be published over HTTPS to avoid sniffing the user’s credentials.

Click on Check Remote Active Directory connection to see, if everything was set correctly.

Schedule
In this step the running times of the archive rule must be selected. It is possible to select only a schedule that was previously configured in contentACCESS. It is possible to refresh the list of schedules by clicking on the button.

Provisionable objects
The provisioning job synchronizes the Active directory with contentACCESS. When the provisioning job is started, it automatically adds the new Active Directory users into contentACCESS based on provisioning settings. The provisioned users will automatically get log on rights for Remote FA and the External AD login provider will be assigned to them.

Note: External AD login provider must be enabled in contentACCESS before provisioning.

To add object, click on and specify the object(s) in the respective dialog. You can select a group, of which objects will be provisioned, or you can select an Active Directory container, and synchronize all users inside this container. Choose the object type and enter the data in the following format:

  • in case of a Group: enter the name of the group
  • in case of a Container: enter the distinguished name (DN)

Click on Check object to verify if the specified object can be found.

Note: Do not specify some built-in groups (such as Domain Users, Users etc.) as provisionable objects. These groups use a computed mechanism based on the primary group of the user to determine membership and most probably will not contain any members by default.

After specifying the objects to be provisioned, click on Save and the on Provision. After the provisioning is finished, you can verify the created users and logins in contentACCESS Central Administration.

Yes No Suggest edit
Help Guide Powered by Documentor
Suggest Edit