Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Installation & Integration
  3. Articles

Connecting Kerio Control to Directory Services

Overview

This article explains different ways of connecting Kerio Control to Directory Services.

The following directory services are supported:

  • Microsoft Active Directory
  • Apple Open Directory

For information on the connection usages to AD, see Connection Advantages of Directory Services

Step-by-Step Guide

Conditions for mapping from Active Directory domains

  • Hosts in the local network (user workstations) should use the Kerio Control's DNS module as the primary DNS server, because it can process queries for Active Directory and forward them to the corresponding domain server. If another DNS server is used, user authentication in the Active Directory may not work correctly.
  • The Kerio Control host must be a member of the mapped domain. Otherwise, authentication in the Active Directory may not work correctly.
  • In case of mapping multiple domains, the Kerio Control host must be a member of one of the mapped domains (primary domain). The primary domain must trust all other domains mapped in Kerio Control.

Connecting to Microsoft Active Directory

  • Microsoft Active Directory is a directory service for Windows domain networks.
  • See the screenshot below for annotation reference
  1. In the administration interface, go to Domains and User Login > Directory Services.
  2. You have to be a member of the Active Directory domain. If the firewall is not a member of the domain, click Join Domain.
  3. In the Join Domain dialog, type the domain name and credentials with rights to join the computer to the Active Directory domain. If you are successfully connected to the domain, you can see a green icon with the name of your domain on the Directory Services tab.
  4. Check Map user accounts and groups from a directory service and select Microsoft Active Directory.
  5. Type Domain name.
  6. Type the username and password of a user with at least read rights for the Microsoft Active Directory database. Username format is user@domain.
  7. Click Test Connection. In the Users section, you can select the new domain and display all users from the Active Directory domain.

Ker.png 

Connecting to Apple Open Directory:

  1. Apple Open directory for Apple based networks.
  2. (For image reference, same as Microsoft AD, thus, refer to screenshot no.1)
  3. In the administration interface, go to Domains and User Login > Directory Services.
  4. Check Map user accounts and groups from a directory service and select Apple Open Directory.
  5. Type the domain name.
  6. Type the username and password of a user with at least read rights for Apple Open Directory database. Username format is user@domain.
  7. In Primary server/Secondary server, type IP addresses or DNS names of the primary and secondary domain servers.
  8. Click Test Connection. In the Users section, you can select the new domain and display all users from the Open Directory domain.

In order to connect to other domains, please refer to Connecting to Other Domains

Confirmation

You can now connect to Microsoft Active Directory and the Apple Directory Domain successfully.

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments