SonicWALL SonicWALL UTM Appliance manual

Page 9

trees are best ordered with those on the primary server first, and the rest in the same order that they will be referred.

NOTE: When working with AD, to determine the location of a user in the directory for the ‘User tree for login to server’ field, the directory can be searched manually from the Active Directory Users and Settings control panel applet on the server, or a directory search utility such as queryad.vbs in the Windows NT/2000/XP Resource Kit can be run from any PC in the domain.

Auto-configure– This causes the SonicWALL to auto-configure the Trees containing users and Trees containing user groups fields by scanning through the directories in search of all trees that contain user objects. To use auto-configure, first enter a value in the User tree for login to server field (unless anonymous login is set), and then click the Auto-configurebutton to bring up the following dialog:

Step 8: In the Auto Configure dialog box, enter the desired domain in the Domain to search field. Select one of the following:

oAppend to existing trees – This selection will append newly located trees to the current

configuration.

oReplace existing trees – This selection will start from scratch and remove all currently configured trees first.

Step 9: Click OK. The auto-configuration process may also locate trees that are not needed for user login.

You can manually remove these entries.

If using multiple LDAP/AD servers with referrals, this process can be repeated for each, replacing the Domain to search value accordingly and selecting Append to existing trees on each subsequent run.

9

Page 8 Page 10
Image 9
Page 8 Page 10
Contents Contents Page Integrating LDAP/Active Directory with Sonicwall UTM Configuring the CA on the Active Directory ServerImporting the CA Certificate onto the SonicWALL Configuring the SonicWALL Appliance for LdapPage Page Page Page Page Page Page Enable Radius to Ldap Relay Enables this feature Authentication Page Page Page Creating Firewall Rules with Ldap Groups/Users SonicOS Options That Leverage Groups/UsersPage Page Firewall Rules with Bandwidth Management & Logging Page Blocking Domains with Firewall Rules Blocking Websites Domain Names for Groups/UsersPage Page Navigate to Firewall Access Rules Create a rule to allow Http traffic for your allowed lists Do the same for Https Create the deny rules for Http and Https Firewall rules should now look like the below picture Blocking Https SSL Domains with SSL Control Configuring a SSL Blacklist and Whitelist Page Applying Different CFS Policies to Groups Page Creating Custom CFS Policies Navigate to the Policy tab and add a new CFS policy Page Page Page Http//$$fwinterface$$/$#SWLSTYLESCSS#$ Variables for Custom Block Page in SonicOSAdvanced Sample Code for SonicOS Basic Sample Code for SonicOSPage Page Sample Code for SonicOS 5.1 or Earlier Sample JavaScript Code for SonicOSApplying Application Firewall Polices to Groups/Users Page Page Page Page Tightening Control over the Browsing Behavior of Users Blocking IM Traffic Categorically Applying Granular IM Policies Global VPN Client GVC Applying VPN Access Policies to Groups/UsersPage SSL-VPN NetExtender Guest Services Wireless Guest Services
Top Page Image Contents