Solved

Sonicwall ldap users and groups setup

Posted on 2011-03-24
4
2,853 Views
Last Modified: 2012-05-11
I have a sonicwall connecting to a 2008 server. I'm not totally clear on the authentication side of things. It seems to be overly complicated!

First authentication is either ldap or ldap +users. why would I need ldap+users?

What I want is to create an OU in A.D called sonicwall. I then create a group in that OU called sonicwall users (I will use it for possibly single sign or vpn users but at the moment its purely test environment) I make a user a member of the sonicwall users group. I would like only the users in this group to be able to access via vpn etc.

When I enter internal.local/users in the "Trees containing users:" section in the directory tab I can do a test using the test tab and it authenticates but this is obviously no good as any user in the /users folder would be able to authenticate, I want only the users in the sonicwall users group to authenticate but no matter what I put in "Trees containing users" it doesn't work.

I think I could be missing some fundamentals here! thanks
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 35212009
Ldap + users let's you have a user in the sonicwall to VPN into incase ldap fails for some reason. I always choose that option with just one emergency admin user.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 35225974
ok thanks but is the rest of my setup correct or am i mis-reading something
0
 
LVL 6

Accepted Solution

by:
theonlyallan earned 500 total points
ID: 35398802
You can authenticate using the Test feature, but It should not allow the user to have VPN access.
Everybody will authenticate, but the users needs to be in a Group before the SW will allow them to do anything..

1 - Go to: Local Groups > Import Groups from LDAP.
2- Select the Group you want to Import: (Sonicwall Users)
3 - Under VPN Access tab, select the Subnets you want people to have access to.
4 - When the AD user with Sonicwall Users group assigned, they will be able to Login.

I would recommend installing Radius.. It works better and allows users to change passwords when expired.
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 35702825
thanks
0

Featured Post

How to Defend Against the WCry Ransomware Attack

On May 12, 2017, an extremely virulent ransomware variant named WCry 2.0 began to infect organizations. Within several hours, over 75,000 victims were reported in 90+ countries. Learn more from our research team about this threat & how to protect your organization!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question