2.In the System Management page, click User Accounts > External Authentication.
3.Click the icon and select Add AD Authentication from the drop-down list. A wizard is opened to guide you through the steps to connect to the AD server and configure the tenant or domain access privileges for the imported user accounts.
1)Enter a unique name to identify the AD server and a brief description.
2)Enter the credentials to connect to the AD server. See AD Server Settings for more details.
3)Click Show Group to find available user groups from the AD server. All matched groups are listed in the Groups pane.
4)Select one or more user groups to import, and then click Next.
▪System Admin — click to assign the system administrator role to the user accounts. For the detailed privileges of System Management and User Management, refer to Featured Management Privileges.
▪Tenant Access — select one or more tenants to assign access permissions to the user accounts.
▪Tenant Admin — select one or more tenants to assign the tenant administrator role to the user accounts.
▪Allowed to Create Domain — select the check box to assign the domain creation permission to the user accounts.
▪Domain Access — select one or more domains to assign access permissions to the user accounts.
▪Domain Privileges — click Assign Privileges to assign more domain privileges to the user accounts by role. See Share Policy for more details.
6)Click Save to commit the settings.
7)In the pop-up dialog, enter the username and password of a user account under the specified server address or user root and click Verify to authenticate the connection.
4.Navigate to the Users tab and click Synchronize With LDAP/AD Server to immediately load the user accounts imported from the AD server. Alternately, the user accounts can also be automatically synchronized after the first-time login.
If you configured SSL on the AD server, complete the following configurations to connect to NetBrain Web API Server by using the Secure(SSL) connect type.
1.On NetBrain Web API Server, do the following:
3)Add the mapping relationship between the IP address and hostname of the AD server into the hosts file, which is located under the C:\Windows\System32\drivers\etc\ directory.
2.When configuring the connection information on the External Authentication tab, enter the FQDN of the AD server in the Server Address field.