Manage Users, Authentication, and VPN Certificates
412
ProSecure Unified Threat Management (UTM) Appliance
4. On the DC Agent screen (see Figure 244 on page 411), complete the fields and make your
selections from the drop-down lists as explained in the following table:
Table 105. DC Agent screen settings

| Setting | Description |
|---|---|
| Domain | From the Domain drop-down list, select an Active Directory (AD) domain to bind with the DC agent. For information about configuring AD domains, see Configure Domains on page 388. |
| DC Agent Listening Port | Enter the listening port of the DC agent. The listening port is the port through which the DC agent transfers the list of authenticated users to the UTM. The default port is 5182. |
| Synchronization Interval | Enter the time interval (in seconds) at which the DC agent updates the list of authenticated users. The default interval is 15 seconds. |
| Expiration length | Enter the time interval in hours or minutes (determined by your selection from the Expiration length drop-down list) that is allowed to elapse before a user login expires. The default setting is 0 (zero), that is, a user login does not expire. |
| Status | Displays the status of the DC agent: ON indicates that the DC agent is active; OFF indicates that the DC agent is inactive. |

5. To add the newly configured DC agent to the List of DC Agent(s) table, click the Add table button in the Action column.

The Status column displays ON when a DC agent is available and OFF when a DC agent is not available.

To delete a DC agent from the table, click its Delete button in the Action column.

To edit a DC agent:
1. In the Domain column, locate the DC agent that you want to edit, and make changes in the columns to the right of the Domain column as explained in the previous table.
2. In the Action column, click the DC agent’s Apply button to save your changes.

Example: Configure Active Directory Single Sign-On with a DC Agent

In the following example, you configure user authentication through Active Directory (AD) single sign-on (SSO) with the use of a DC agent on a UTM50:
• The domain name is Test_Domain.
• The IP address of the authentication server is 12.18.39.27.
• The AD domain is test_user.com.
• The IP address of the UTM50 is 90.49.145.18.

To configure AD SSO with a DC agent:
1. Add a domain on the UTM50:
a. Select Users > Domains. The Domains screen displays.