Working with users and groups

In order to apply policies to individual users and groups in your network, configure User Service to access your directory service to obtain directory object (user, group, and OU) information.

User Service can communicate with Windows Active Directory in native mode, and with Novell eDirectory or Oracle (formerly Sun Java) Directory Server Enterprise Edition accessed via Lightweight Directory Access Protocol (LDAP).

• When you use an LDAP-based directory service, duplicate user names are not supported. Ensure that the same user name does not appear in multiple domains.
• If you are using Active Directory or Oracle Directory Server, user names with blank passwords are not supported. Assign passwords to all users.

User Service conveys information from the directory service to Filtering Service for use in applying policies. As a best practice, install User Service on a Windows machine (though it can reside on Linux).

To configure directory service communication, see Connecting web protection software to a directory service.