Improve company productivity with a Business Account.Sign Up

x
?
Solved

Sonicwall ldap users and groups setup

Posted on 2011-03-24
4
Medium Priority
?
3,084 Views
Last Modified: 2012-05-11
I have a sonicwall connecting to a 2008 server. I'm not totally clear on the authentication side of things. It seems to be overly complicated!

First authentication is either ldap or ldap +users. why would I need ldap+users?

What I want is to create an OU in A.D called sonicwall. I then create a group in that OU called sonicwall users (I will use it for possibly single sign or vpn users but at the moment its purely test environment) I make a user a member of the sonicwall users group. I would like only the users in this group to be able to access via vpn etc.

When I enter internal.local/users in the "Trees containing users:" section in the directory tab I can do a test using the test tab and it authenticates but this is obviously no good as any user in the /users folder would be able to authenticate, I want only the users in the sonicwall users group to authenticate but no matter what I put in "Trees containing users" it doesn't work.

I think I could be missing some fundamentals here! thanks
0
Comment
Question by:Sid_F
  • 2
4 Comments
 
LVL 40

Expert Comment

by:Aaron Tomosky
ID: 35212009
Ldap + users let's you have a user in the sonicwall to VPN into incase ldap fails for some reason. I always choose that option with just one emergency admin user.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 35225974
ok thanks but is the rest of my setup correct or am i mis-reading something
0
 
LVL 6

Accepted Solution

by:
theonlyallan earned 2000 total points
ID: 35398802
You can authenticate using the Test feature, but It should not allow the user to have VPN access.
Everybody will authenticate, but the users needs to be in a Group before the SW will allow them to do anything..

1 - Go to: Local Groups > Import Groups from LDAP.
2- Select the Group you want to Import: (Sonicwall Users)
3 - Under VPN Access tab, select the Subnets you want people to have access to.
4 - When the AD user with Sonicwall Users group assigned, they will be able to Login.

I would recommend installing Radius.. It works better and allows users to change passwords when expired.
0
 
LVL 6

Author Closing Comment

by:Sid_F
ID: 35702825
thanks
0

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Through the video, you can check the migration process of Outlook PST file to PDF. Kernel for Outlook to PDF tool can convert Outlook emails with all attributes like Subject, To, From, Cc, Bcc and other folders such as Inbox, Outbox, Sent Items, Jun…

595 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question