Sonicwall ldap users and groups setup

I have a sonicwall connecting to a 2008 server. I'm not totally clear on the authentication side of things. It seems to be overly complicated!

First authentication is either ldap or ldap +users. why would I need ldap+users?

What I want is to create an OU in A.D called sonicwall. I then create a group in that OU called sonicwall users (I will use it for possibly single sign or vpn users but at the moment its purely test environment) I make a user a member of the sonicwall users group. I would like only the users in this group to be able to access via vpn etc.

When I enter internal.local/users in the "Trees containing users:" section in the directory tab I can do a test using the test tab and it authenticates but this is obviously no good as any user in the /users folder would be able to authenticate, I want only the users in the sonicwall users group to authenticate but no matter what I put in "Trees containing users" it doesn't work.

I think I could be missing some fundamentals here! thanks
LVL 6
Sid_FAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
theonlyallanConnect With a Mentor Commented:
You can authenticate using the Test feature, but It should not allow the user to have VPN access.
Everybody will authenticate, but the users needs to be in a Group before the SW will allow them to do anything..

1 - Go to: Local Groups > Import Groups from LDAP.
2- Select the Group you want to Import: (Sonicwall Users)
3 - Under VPN Access tab, select the Subnets you want people to have access to.
4 - When the AD user with Sonicwall Users group assigned, they will be able to Login.

I would recommend installing Radius.. It works better and allows users to change passwords when expired.
0
 
Aaron TomoskyTechnology ConsultantCommented:
Ldap + users let's you have a user in the sonicwall to VPN into incase ldap fails for some reason. I always choose that option with just one emergency admin user.
0
 
Sid_FAuthor Commented:
ok thanks but is the rest of my setup correct or am i mis-reading something
0
 
Sid_FAuthor Commented:
thanks
0
All Courses

From novice to tech pro — start learning today.