Engine Editor > Advanced Settings > Authentication
Use this branch to configure advanced settings for user authentication.
Option | Definition |
---|---|
Default User Domain | The default LDAP domain from which the Secure SD-WAN Engine looks up users. Note: This setting applies to all
user authentication, including browser-based user authentication, VPN clients, and the SSL VPN Portal.
|
Allow user lookup from known User Domain matching to client certificate email domain or UPN suffix | When selected, the Secure SD-WAN Engine looks up the user from the domain specified in the email address or user
principal name before looking up the user in the default domain. Note: This option is ignored when the value of the Client Certificate Identity Field for
TLS option is Distinguished Name.
|
Client Certificate Identity Field for TLS | The attribute that is used to look up the user entry from the user domain when using TLS. The Secure SD-WAN
Engine only uses values from the Active Directory or LDAP server that is associated with the global default LDAP domain or the engine-specific default user domain.
|