Configuring a Second Active Directory Account
Beginning with release 6.2.1, CloudControl now supports two Active Directory accounts.
Before You Begin
Create an Active Directory service account that will be used to authenticate users from the new Active Directory server. For more information, see Active Directory Service Account Requirements and Creating the Active Directory Service Account.
Procedure
- From the Home tab, select System > Primary Authentication.
- On the Primary Authentication page, select Actions > Add Active Directory.
- In the confirmation box, click Configure Active Directory.
-
On the Details page of the Configure Active Directory wizard, enter the following:
Field
Value
Configuration Method
Choose whether to use Automatic or Manual configuration.
Set as Default Identify Source
Check the checkbox if you want this Active Directory to be the primary used for lookups. If you do not, then the first Active Directory that was configured in CloudControl will be the primary.
Domain Name
Enter the root domain name to use with Active Directory.
Security
Choose None or SSL. This is for automatic configuration only.
Account Enter the name of the service account that you created for this Active Directory. Password
Enter the password for the service account.
- Click Continue.
-
If you selected Automatic configuration, do the following:
-
On the Domains page of the Configure Active Directory wizard, verify the domain that you want to use. The default domain is displayed with a star icon.
Important: CloudControl automatically adds all of the discovered domain controllers and global catalogs, starting with the closest. If you have a large number, then this will be done in the background. If the domain that you want to use is not visible, and you do not want to wait, then we recommend that you complete the configuration process, then edit your AD configuration later.
-
Optionally edit the domain controllers and global catalog.
-
Click Continue and proceed to step 8.
-
-
If you selected Manual configuration, do the following:
-
On the Details page of the Configure Active Directory wizard, click Add a Domain Controller Now or the Create button and complete the following:
Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.
Field
Value
Name Enter the domain controller name. Security Select whether you want to use no security or SSL. Port
Enter the port for the domain controller or global catalog.
User Search Context (Base DN) Enter the Base DN to use for searching users. Group Search Context (Base DN)
Enter the BASE DN to use for searching groups.
Note: The Add a Domain Controller Now link is only available the first time you add a domain controller or global catalog.
- Click Add.
- Click the Create button to create an additional domain controller, or click Continue.
-
On the Global Catalogs page, click Add a Global Catalog Now or the Create button and complete the following:
Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.
Field
Value
Name Enter the domain controller name. Security Select whether you want to use no security or SSL. Port
Enter the port for the domain controller or global catalog.
User Search Context (Base DN) Enter the Base DN to use for searching users. Group Search Context (Base DN)
Enter the BASE DN to use for searching groups.
-
Click Add.
-
Click the Create button to create an additional global domain, or click Continue.
-
On the Add Additional Domains pop-up, choose one of the following:
-
Click Add Additional Domains if you want to add one or more domains in addition to the default domain.
On the Additional Domains page, click Add a Domain Now or the Create button, enter the domain information, and click Continue.
- Click Skip.
-
- Click Close and proceed to step 8.
-
-
On the Summary page, review your changes, then click Apply.
The new Active Directory is added, and you can now choose between them by using the Active Directory drop-down at the top right of the Authentication page.