Configure > Security > Access Control > IWA

The Integrated Windows Authentication (IWA) page appears only if you have enabled IWA in the Features table on the Configure > My Proxy > Basic > General tab.

Use this page to join or unjoin the Windows domain. When a domain has been joined, the page provides a summary of the domain attributes and an Unjoin button.

For a complete description, see Integrated Windows Authentication.

Integrated Windows Authentication

Domain Name Specifies the fully qualified Windows domain name.
Administrator Name Specifies the Windows Administrator user name.
Administrator Password

Specifies the Windows Administrator password.

Note: The name and password are used only during the join and are not stored.
Domain Controller

Specifies how to locate the domain controller:

  • Auto-detect using DNS
  • DC name or IP address

If the domain controller is specified by name or IP address, you can also specify backup domain controllers in a comma separated list.

Content Gateway Hostname

Specifies the Content Gateway hostname.

Because IWA uses the hostname as a NetBIOS name when registering with Kerberos, the hostname cannot exceed 15 characters in length (a NetBIOS restriction), or 11 characters on Forcepoint appliances (which add 4 characters to the hostname to ensure that the hostname is unique across modules (Doms).

Important: Once the domain is joined the hostname cannot be changed. If it is, IWA will immediately stop working until the domain is unjoined and then rejoined with the new hostname.
Join Domain Click Join Domain to join the domain.