Adconf

From Wiki of WFilter NG Firewall
(Difference between revisions)
Jump to: navigation, search
(AD Intergration)
Line 1: Line 1:
 
{{DISPLAYTITLE:AD Intergration}}
 
{{DISPLAYTITLE:AD Intergration}}
 
== AD Intergration ==
 
== AD Intergration ==
"AD Intergration" enables you to intergrate WFilter ROS with microsoft active directory, so you can:
+
"AD Intergration" enables you to intergrate WFilter NG Firewall with microsoft active directory, so you can:
 
* Detect AD username of online devices.
 
* Detect AD username of online devices.
 
* Set internet access and bandwidth shaper policies based on AD users.
 
* Set internet access and bandwidth shaper policies based on AD users.
Line 15: Line 15:
  
 
To enable "AD Intergration", the following conditions must be met:
 
To enable "AD Intergration", the following conditions must be met:
* A valid enterprise license of WFilter ROS.
+
* A valid enterprise license of WFilter NG Firewall.
 
* A valid active directory.
 
* A valid active directory.
 
* Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.)
 
* Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.)
Line 23: Line 23:
  
 
* Notice:
 
* Notice:
** WFilter ROS uses different machanism to retrieve logon domain users when the DC is in external or internal network.
+
** WFilter NG Firewall uses different machanism to retrieve logon domain users when the DC is in external or internal network.
 
** When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter.
 
** When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter.
 
** WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users.
 
** WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users.

Revision as of 13:54, 9 September 2016

1 AD Intergration

"AD Intergration" enables you to intergrate WFilter NG Firewall with microsoft active directory, so you can:

  • Detect AD username of online devices.
  • Set internet access and bandwidth shaper policies based on AD users.
  • Record AD users internet activity.

For example:

  • The real-time bandwidth will show AD username:

Ros adconf 001.png

  • Choose applied-to users(AD OU & users):

Faq en adconf003.png

2 Settings

To enable "AD Intergration", the following conditions must be met:

  • A valid enterprise license of WFilter NG Firewall.
  • A valid active directory.
  • Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.)

Faq en adconf001.png

Faq en adconf002.png

  • Notice:
    • WFilter NG Firewall uses different machanism to retrieve logon domain users when the DC is in external or internal network.
    • When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter.
    • WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users.
    • The default user entry timeout is 30 hours. If no re-logon happens in 30 hours after last time logon, this username will be timeout.
    • Some programs in the client device will automaticaly logon into the domain with a different AD user. In this case, you can add this user into the "Exception List".

3 FAQ

Personal tools
Namespaces

Variants
Actions
Navigation
Tools