Kerio Tech Firewall6 Network Router User Manual


 
Chapter 13 User Accounts and Groups
200
If the DNS server itself is set in the operating system, the domain controller of
the Active Directory must be the first item in the DNS servers list in the DNS
Forwarder configuration (for details, refer to chapter 5.3).
For mapping of multiple domains:
1. The WinRoute host must be a member of one of the mapped domains.
2. It is necessary that this domain trusts any other domains mapped in WinRoute
(for details, see the documentation regarding the operating system on the corre-
sponding domain server).
3. For DNS configuration, the same rules are followed as for mapping of a single
domain (DNS server must be a domain server of the domain which the WinRoute’s
host belongs to).
Single domain mapping
To set Active Directory domain mapping, go to the Active Directory tab under User and
Groups Users.
If no domain mapping has been defined yet or only one domain is defined, the Active
Directory tab already includes predefined parameters customized for the domain map-
ping.
Active Directory mapping
In the top part of the Active Directory tab, it is possible to enable/disable mapping
of user accounts from the Active Directory domain to WinRoute.
The Active Directory domain name entry requires full DNS name of the mapped
domain (e.g. company.com, company would not be satisfactory). For your better
reference, it is also recommended to provide a short description of the domain
(especially if more domains are mapped).
Domain Access
In the Domain Access section, specify the login user name and password of an
account with read rights for the Active Directory database (any user account within
the domain can be used, unless blocked).
Click Advanced to set parameters for communication with domain servers: