Unified Services Router User Manual
8.4.4 Active Directory Server
Setup > External Authentication > Active Directory Settings
Active Directory authentication is an enhanced version of NT Domain authentication.
The Kerberos protocol is leveraged for authentication of users, who are grouped in
Organizational Units (OUs). In particular, the Active Directory server can support
more than a million users given its structure, while the NT Domain server is limited to
thousands.
The configured Authentication Servers and Active Directory domain(s) are used to
validate the user with the directory of users on the external Windows-based server.
This authentication option is common for SSL VPN client users and is also useful for
IPsec / PPTP / L2TP client authentication.
Figure 115: Active Directory Authentication Server configuration
8.4.5 LDAP Server
Setup > External Authentication > LDAP Settings
The LDAP authentication method uses LDAP to exchange authentication credentials
between the router and external server. The LDAP server maintains a large database
of users in a directory structure, so users with the same username but belonging to
different groups can be authenticated since the user information is stored in a
hierarchical manner. Also of note is that configuring an LDAP server on Windows or
Linux servers is considerably less complex than setting up NT Domain or Active
Directory servers for user authentication.
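
The following added example (not part of this manual and not the router's own code) simulates in Python how an LDAP client resolves a username to one directory entry before authenticating, which is why two users named "jsmith" in different groups remain distinct. The directory contents, DNs, passwords and function names are constructed for illustration, and the in-memory dictionary stands in for a real LDAP server.

```python
import hashlib
import hmac

def _digest(password):
    # Stand-in for the server's stored credential; a real server verifies the bind itself.
    return hashlib.sha256(password.encode()).digest()

# Constructed sample directory (DN -> entry). Two different people share uid "jsmith".
DIRECTORY = {
    "uid=jsmith,ou=Sales,dc=example,dc=com": {"uid": "jsmith", "secret": _digest("sales-pass")},
    "uid=jsmith,ou=Engineering,dc=example,dc=com": {"uid": "jsmith", "secret": _digest("eng-pass")},
    "uid=akhan,ou=Sales,dc=example,dc=com": {"uid": "akhan", "secret": _digest("akhan-pass")},
}

def search(base_dn, uid):
    """Return the DNs at or below base_dn whose uid attribute equals uid."""
    base = base_dn.lower()
    return [dn for dn, entry in DIRECTORY.items()
            if entry["uid"] == uid
            and (dn.lower() == base or dn.lower().endswith("," + base))]

def bind(dn, password):
    """Simulated simple bind: compare the password against the entry's credential."""
    entry = DIRECTORY.get(dn)
    return entry is not None and hmac.compare_digest(entry["secret"], _digest(password))

def authenticate(base_dn, uid, password):
    """Search-then-bind as an authenticating client would perform it."""
    if not password:
        # A simple bind with an empty password is an unauthenticated bind (RFC 4513)
        # and must not be treated as a successful login.
        return False
    matches = search(base_dn, uid)
    if len(matches) != 1:
        # Not found, or the base DN is too broad and the username is ambiguous.
        return False
    return bind(matches[0], password)

if __name__ == "__main__":
    sales = "ou=Sales,dc=example,dc=com"
    print(authenticate(sales, "jsmith", "sales-pass"))               # scoped to one OU
    print(authenticate("dc=example,dc=com", "jsmith", "sales-pass"))  # ambiguous base DN
```

A base DN scoped to the intended group keeps the lookup unambiguous; a base DN covering the whole tree makes the shared username match two entries, and the login is refused rather than guessed.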