Configuring a Second Active Directory Account

Beginning with release 6.2.1, CloudControl now supports two Active Directory accounts.

Before You Begin

Create an Active Directory service account that will be used to authenticate users from the new Active Directory server. For more information, see Active Directory Service Account Requirements and Creating the Active Directory Service Account.

Procedure

From the Home tab, select System > Primary Authentication.
On the Primary Authentication page, select Actions > Add Active Directory.
In the confirmation box, click Configure Active Directory.

On the Details page of the Configure Active Directory wizard, enter the following:

Field	Value
Configuration Method	Choose whether to use Automatic or Manual configuration.
Set as Default Identify Source	Check the checkbox if you want this Active Directory to be the primary used for lookups. If you do not, then the first Active Directory that was configured in CloudControl will be the primary.
Domain Name	Enter the root domain name to use with Active Directory.
Security	Choose None or SSL. This is for automatic configuration only.
Account	Enter the name of the service account that you created for this Active Directory.
Password	Enter the password for the service account.

Click Continue.
If you selected Automatic configuration, do the following:
1. On the Domains page of the Configure Active Directory wizard, verify the domain that you want to use. The default domain is displayed with a star icon.
  
  Important: CloudControl automatically adds all of the discovered domain controllers and global catalogs, starting with the closest. If you have a large number, then this will be done in the background. If the domain that you want to use is not visible, and you do not want to wait, then we recommend that you complete the configuration process, then edit your AD configuration later.
2. Optionally edit the domain controllers and global catalog.
3. Click Continue and proceed to step 8.

If you selected Manual configuration, do the following:

On the Details page of the Configure Active Directory wizard, click Add a Domain Controller Now or the Create button and complete the following:

Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.

Field	Value
Name	Enter the domain controller name.
Security	Select whether you want to use no security or SSL.
Port	Enter the port for the domain controller or global catalog.
User Search Context (Base DN)	Enter the Base DN to use for searching users.
Group Search Context (Base DN)	Enter the BASE DN to use for searching groups.

Note: The Add a Domain Controller Now link is only available the first time you add a domain controller or global catalog.

Click Add.
Click the Create button to create an additional domain controller, or click Continue.

On the Global Catalogs page, click Add a Global Catalog Now or the Create button and complete the following:

Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.

Field	Value
Name	Enter the domain controller name.
Security	Select whether you want to use no security or SSL.
Port	Enter the port for the domain controller or global catalog.
User Search Context (Base DN)	Enter the Base DN to use for searching users.
Group Search Context (Base DN)	Enter the BASE DN to use for searching groups.

Click Add.
Click the Create button to create an additional global domain, or click Continue.
On the Add Additional Domains pop-up, choose one of the following:
- Click Add Additional Domains if you want to add one or more domains in addition to the default domain.
  
  On the Additional Domains page, click Add a Domain Now or the Create button, enter the domain information, and click Continue.
- Click Skip.
Click Close and proceed to step 8.

On the Summary page, review your changes, then click Apply.

The new Active Directory is added, and you can now choose between them by using the Active Directory drop-down at the top right of the Authentication page.