Setting up Active Directory integration
The following details are required to allow the Protex server to connect to the AD domain. Once all the required information has been entered the Protex server will need to be rebooted. Once it has restarted log in again and go to Server/Samba status menu to confirm that it has joined your local domain.
Browser Setting Requirements (for AD Authentication)
- must allow cookies
- "do not proxy for" setting must include the Protex server's FQDN and IP address.
- In almost all cases it is also preferable include the whole local network in the "do not proxy for" setting.
This is the Windows2000 compatible domain name and not a FQDN. Typically it will be a single string of UPPERCASE, e.g. MYSERVER.
This is the realm of you AD server. Typically it will be a single string of UPPERCASE characters formatted like a DNS domain with dots ('.'), e.g. MYSERVER.TEST. If you are unsure what to use contact your school Active Directory server administrator or network manager.
The AD server's hostname - again this is not the FQDN.
Depending upon the configuration on your server you can use either the Pre-Windows2000 or Active Directory (AD) authentication style. For newer Windows servers it is likely that the AD style with a realm will be required as it is more secure and connecting via the older RPC protocol is disabled by default.
AD Server IP Address
The IP address of the AD server.
Domain Admin Username
The user entered here should not be the main domain administrator for security reasons. A better option is to create a dedicated
Protex user and make it a member of the Domain Administrators group.
If you want to restrict it further by creating a special group for the user with more limited rights then the essential abilities required of this user are:
- to be able to add machine accounts to the domain
- to be able to enumerate all the AD groups
- to be able to enumerate all the AD users
As individual AD configurations differ we do not support this last option - please feel free to experiment but we cannot support/troubleshoot connection problems where the connecting user is not a member of the
Domain Admins group.
Domain Admin Password
The password of the user entered above.