• Windows 2003
• Windows 2008
• Windows 2008R2
• Windows 2012
Important: The Windows Server event IDs must be correct
The D-Link IDA software only listens for certain event IDs, so the Windows Server
should be configured so that the correct IDs are generated. The IDs that the IDA listens
for are as follows:
i. For Windows Server 2003, the IDA listens for the following events:
• 636 - A user has been added to a local domain group.
• 637 - A user has been removed from a local domain group.
• 673 - A user has logged in.
ii. For Windows Server 2008 and later, the IDA listens for the following events:
• 103 - An RDP user has logged in and has been assigned a virtual IP.
• 104 - An RDP user has logged out and the user’s IP has been released.
• 4732 - A user has been added to a local domain group.
• 4733 - A user has been removed from a local domain group.
• 4768 - A user has logged in.
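The following PowerShell check is an added example, not part of the D-Link software or documentation. It reports whether the Security log of a Windows Server 2008 or later machine has recently recorded the events listed above. The 7-day look-back window is an assumption, and events 103 and 104 are left out because this section does not name the log they are written to.

```powershell
# Added example (not D-Link code). Run in an elevated PowerShell session on the
# Windows Server 2008 or later machine whose events the IDA listens for.
# Reading the Security log needs administrative rights; without them the
# query fails and every ID is reported as not present.

# Event IDs and meanings as listed above for Windows Server 2008 and later.
$expected = @{
    4732 = 'A user has been added to a local domain group'
    4733 = 'A user has been removed from a local domain group'
    4768 = 'A user has logged in'
}

# Assumption: a 7-day look-back window; adjust to how often these events occur.
$since = (Get-Date).AddDays(-7)

$report = foreach ($id in ($expected.Keys | Sort-Object)) {
    # Get-WinEvent returns the newest event first, so -MaxEvents 1 is the latest
    # match. It raises a non-terminating error when nothing matches, which is
    # suppressed here so that a missing ID is reported instead.
    $latest = Get-WinEvent -FilterHashtable @{
        LogName   = 'Security'
        Id        = $id
        StartTime = $since
    } -MaxEvents 1 -ErrorAction SilentlyContinue

    $lastSeen = $null
    if ($latest) { $lastSeen = $latest.TimeCreated }

    New-Object PSObject -Property @{
        EventId  = $id
        Meaning  = $expected[$id]
        Present  = [bool]$latest
        LastSeen = $lastSeen
    }
}

$report | Select-Object EventId, Present, LastSeen, Meaning | Format-Table -AutoSize

# Flag the IDs that were not seen in the window.
$missing = @($report | Where-Object { -not $_.Present })
if ($missing.Count -gt 0) {
    $ids = ($missing | ForEach-Object { $_.EventId }) -join ', '
    Write-Warning "No events in the look-back window for ID(s): $ids"
}
```

An ID reported as not present means either that the server is not generating that event or that the corresponding action has not occurred within the window, so repeat the check after performing the action, for example after a test user logs in.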
As explained previously, the agent service listens for authenticated users and sends their details
to the configured NetDefend Firewalls. The software has its own management user interface and
this interface has three tabs which are described next.
• The General tab
This tab consists of the following settings:
i. Listening IP - This is the IPv4 address and port number which the IDA will listen on for
connections to NetDefendOS. By default, the IDA will listen on port 9999 of 0.0.0.0/0,
which means any IPv4 address. Multiple IP values can be entered for this setting, and
they must include the IP configured for the NetDefendOS Authentication Agent object of
the connecting firewall.
ii. Remote Desktop IP Virtualization - This allows IDA to be used with a Windows Terminal
Server™. This feature is described in detail later in this section.
iii. User Timeout - This is the time within which NetDefendOS must authenticate the user
after they are authenticated by the Windows server.
Chapter 8: User Authentication