Adconf
From Wiki of WFilter NG Firewall
(Difference between revisions)
(→AD Intergration) |
|||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:AD Intergration}} | {{DISPLAYTITLE:AD Intergration}} | ||
== AD Intergration == | == AD Intergration == | ||
| − | "AD Intergration" enables you to intergrate WFilter | + | "AD Intergration" enables you to intergrate WFilter NG Firewall with microsoft active directory, so you can: |
* Detect AD username of online devices. | * Detect AD username of online devices. | ||
* Set internet access and bandwidth shaper policies based on AD users. | * Set internet access and bandwidth shaper policies based on AD users. | ||
| Line 15: | Line 15: | ||
To enable "AD Intergration", the following conditions must be met: | To enable "AD Intergration", the following conditions must be met: | ||
| − | * A valid enterprise license of WFilter | + | * A valid enterprise license of WFilter NG Firewall. |
* A valid active directory. | * A valid active directory. | ||
* Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.) | * Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.) | ||
| Line 23: | Line 23: | ||
* Notice: | * Notice: | ||
| − | ** WFilter | + | ** WFilter NG Firewall uses different machanism to retrieve logon domain users when the DC is in external or internal network. |
** When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter. | ** When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter. | ||
** WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users. | ** WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users. | ||
Revision as of 13:54, 9 September 2016
1 AD Intergration
"AD Intergration" enables you to intergrate WFilter NG Firewall with microsoft active directory, so you can:
- Detect AD username of online devices.
- Set internet access and bandwidth shaper policies based on AD users.
- Record AD users internet activity.
For example:
- The real-time bandwidth will show AD username:
- Choose applied-to users(AD OU & users):
2 Settings
To enable "AD Intergration", the following conditions must be met:
- A valid enterprise license of WFilter NG Firewall.
- A valid active directory.
- Admin access to the active directory(The admin user shall belong to the "Domain Admins" group.)
- Notice:
- WFilter NG Firewall uses different machanism to retrieve logon domain users when the DC is in external or internal network.
- When "automatically sync domain users" is enabled, new or deleted domain users will be synced to WFilter.
- WFilter detects a domain user when it login into the active directory. So you might need to wait sometime to see logon users.
- The default user entry timeout is 30 hours. If no re-logon happens in 30 hours after last time logon, this username will be timeout.
- Some programs in the client device will automaticaly logon into the domain with a different AD user. In this case, you can add this user into the "Exception List".
