Active Directory Authentication
R81 Harmony Endpoint Server Administration Guide|181
When you configure a new user account in AD, you are given the option to select a UPN suffix,
which by default will be the DNS name for your AD domain. It can be useful to have a selection
of UPN suffixes available. If your AD domain name is ad.example.com, it might be more
convenient to assign users a UPN suffix of example.com. To make additional UPN suffixes
available, you need to add them to AD.
Configuring Alternative Domain Names
When configuring Strong Authentication for Active Directory communication between the
Endpoint Security client and the Endpoint Security Management Server, you can configure
multiple UPN suffixes for the Active Directory domain name.
To Configure Additional UPN Suffixes for Active Directory Authentication
1. In SmartEndpoint, open Manage > Endpoints Authentication Settings.
The Authentication Settings Properties window opens.
2. Click Add.
The New Authentication Principal Properties window opens.
3. In the Domain name field, enter the alternative Active Directory domain name. For
example, if the previously configured domain name is nac1.com, add an alternative
domain name such as ad.nac1.com.
4. Configure the other fields with the same values as the previously configured
authentication settings:
   - Principle Name
   - Version Key
   - Encryption Method
   - Password
5. Click OK.
6. Save the changes. Go to the Policy tab of SmartEndpoint, and in the Policy Toolbar, click
Save.
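On the Active Directory side, the UPN suffix described at the top of this section can be added and audited from PowerShell. The script below is an added example, not part of the Check Point guide: it registers a suffix in the forest and lists the suffixes that enabled users actually carry, which shows the domain names that may need an entry in the procedure above. It assumes the ActiveDirectory (RSAT) module, rights to modify the forest, and the example.com suffix from the page's example.

```powershell
# Added example: requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

# Assumption: alternative suffix taken from the page's example (AD domain ad.example.com).
$NewSuffix = 'example.com'

$forest = Get-ADForest

# Suffixes selectable for new accounts: every domain's DNS name plus
# any alternative suffixes already registered forest-wide.
$available = @(
    @($forest.Domains) + @($forest.UPNSuffixes) |
        ForEach-Object { $_.ToLower() } |
        Sort-Object -Unique
)

# Register the alternative suffix only if it is not already offered.
if ($available -notcontains $NewSuffix.ToLower()) {
    Set-ADForest -Identity $forest.Name -UPNSuffixes @{ Add = $NewSuffix }
    $available += $NewSuffix.ToLower()
}

# Count enabled users per UPN suffix. Get-ADUser queries the current domain only;
# in a multi-domain forest, repeat with -Server for each name in $forest.Domains.
$inUse = Get-ADUser -Filter 'Enabled -eq $true' -Properties UserPrincipalName |
    Where-Object { $_.UserPrincipalName -like '*@*' } |
    Group-Object { ($_.UserPrincipalName -split '@')[-1].ToLower() }

# RegisteredInAD = False marks a suffix that was written directly to an account
# without being added to the forest, which is worth reviewing before relying on it.
$inUse | Sort-Object Count -Descending | ForEach-Object {
    [pscustomobject]@{
        UpnSuffix      = $_.Name
        Users          = $_.Count
        RegisteredInAD = $available -contains $_.Name
    }
} | Format-Table -AutoSize
```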
Troubleshooting Authentication in Server Logs
To troubleshoot problems related to Active Directory Authentication, use the Authentication
log, located in the $UEPMDIR/logs/Authentication.log file on the Endpoint Security
Management Server or Endpoint Policy Server.