Solved

Extending the Active Directory Schema

Posted on 2014-07-25
5
269 Views
Last Modified: 2014-07-25
I'm trying to set up Active Directory authentication to my Watchguard Firewall.  It's telling that I need to 1st extend the Active Directory Schema - Doesn't this mean I need to create an AD group for the firewall access and add it to the firewall?  I'm trying to have my users authenticate to AD instead of the firewall.
0
Comment
Question by:WellingtonIS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 37

Expert Comment

by:Mahesh
ID: 40220168
What active directory schema version you are running ?

Windows 2003 \ 2008 \ 2008 R2 \ 2012 \ 2012 R2 ?

You need to check firewall documentation what minimum active directory domain controller version it require to make integration ?

Accordingly you may need to extend ad schema to later AD version
0
 

Author Comment

by:WellingtonIS
ID: 40220176
2012 I guess I'm asking how to extend ad schema?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 40220207
Ok
Extending AD schema for 3rd party tools \ software is not easy and risky operation.
Basically AD requires proper ldf files to be imported to AD schema get extended
According to me, you need to consult either firewall vendor or Microsoft Support to extend AD schema for custom attributes

Check below article
http://www.watchguard.com/help/docs/wsm/xtm_11/en-US/index.html#cshid=en-US/authentication/ldap_optional_settings_about_c.html
0
 

Author Comment

by:WellingtonIS
ID: 40220217
ADSI edit.. But why in the world would I need to do that for Authentication for a Watchguard firewall?  ALl the documentation says Before You Begin

To use these optional settings you must:
■Extend the directory schema to add new attributes for these items.
■Make the new attributes available to the object class that user accounts belong to.
 ■Give values to the attributes for the user objects that should use them
I've set up AD but I have no idea what attributes I need to add.  Is there documentation somewhere in the world explaining this?
0
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 40220225
That is why I suggested you to please contact firewall vendor support or MS support
Either vendor should provide ldf files to import in AD or MS can do that
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

634 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question