Active Directory is a set of objects located on the domain server, which contains all the information that allows users to control access to the network. It records user names and passwords, their access permissions to files, printers and other network resources, disk quotas, computers and times that each user can use, etc.
Interaction with Active Directory allows network users from the domain in which the system server is located to be imported and incorporated as system users.
There are 2 ways to do this integration, the first is by importing users directly from Active Directory. To do this, go to Users and click on Import from Active Directory as shown in the image below:
•Domain: Enter the network domain.
•User for domain authentication: User to authenticate to the domain with the right to list users.
•Password for domain authentication: Domain user password.
•Filter: Search filters allow you to define criteria and provide more efficient searches. To learn about the LDAP filter visit the Microsoft page: https://msdn.microsoft.com/en-us/library/aa746475(v=vs.85).aspx
After filling in the fields, click Search Users and all users registered in the domain will be listed. To add the desired users to the system, simply select them and click OK.
A user belonging to the domain has the following configuration screen:
All username and password options are blocked because authentication is done in the domain and no longer natively in the system, that is, the account lock, Biopass and Account expiration options will no longer be available.
The second way of integration is to create a user or change an existing native one. To do this, change the User Type field to Active Directory User. For correct operation, the user name and domain must be filled in correctly according to the users registered in the current Domain.