Configure the Integrated User ID Service
You can use the Integrated User ID Service on the NGFW Engine to provide transparent user identification for access control by user. The Integrated User ID Service is primarily meant for demonstration purposes and proof-of-concept testing of user identification services.
Before you begin
- You have created an Active Directory server element and added the Domain Control servers and Microsoft Exchange Servers from which the Active Directory server receives information in the Active Directory Server properties.
- You have created an External LDAP Domain element and bound the Active Directory Server element that you created to the External LDAP Domain element.
Note: The Integrated User ID Service requires that the external authentication method of the Active Directory Server and the authentication method of the External LDAP Domain is user password or
LDAP authentication.
Note: You cannot use the Integrated User ID Service with Virtual NGFW Engines.
Steps
Result
Integrated User ID Service Properties dialog box
Use this dialog box to define the properties of the Integrated User ID Service element.
Option | Definition |
---|---|
Name | The unique name of the element. |
Active Directory Domain | The External LDAP Domain from which the Integrated User ID Service receives information about users, groups, and IP addresses. |
Time Range for First Query | The time range for how far back in time the NGFW Engine queries for the user, IP address, and group information from the Active Directory Server. |
Polling Interval for Logon Information | How often the NGFW Engines polls for the user, group, and IP address information from the Active Directory Server. |
Ignored Users and IP Addresses | User names and IP addresses that the Integrated User ID Service does not monitor. |
Add | Click Add to define a user name and IP address that the Active Directory Server does not monitor. |
Remove
|
Removes the selected row from the list of ignored user names and IP addresses. |
Category | Includes the Integrated User ID Service in predefined categories. |
Comment | An optional comment for your own reference. |