Configuring Active Directory

When you configure CloudControl in the CloudControl GUI, on the Authentication tab you can choose to configure Active Directory rather than using Local Authentication. When you click Configure Active Directory Now, you must complete the Configure Active Directory wizard.

Important: You cannot configure Active Directory with SSL during the setup process. Configuring Active Directory with SSL requires that the AD certificate is exported from Microsoft Management Console and then imported into CloudControl. We recommend that you configure Local Authentication to finish the setup process and then configure Active Directory later. For more information on configuring Active Directory with SSL, see Configuring Active Directory.

Procedure 

  1. On the Details page of the Configure Active Directory wizard, enter the following: 

    Field

    Value

    Configuration Method

    Choose whether to use Automatic or Manual configuration.

    Domain Name

    Enter the default domain name to use with Active Directory.

    Security

    Choose None. SSL security cannot be configured during the setup process. This is for automatic configuration only.

    Account Enter the name of the service account that you created.

    Password

    Enter the password for the service account.
  1. Click Continue.

  2. If you selected Automatic configuration, do the following:

    1. On the Domains page of the Configure Active Directory wizard, verify the domain that you want to use. The default domain is displayed with a star icon.

      Important: CloudControl automatically adds all of the discovered domain controllers and global catalogs, starting with the closest. If you have a large number, then this will be done in the background. If the domain that you want to use is not visible, and you do not want to wait, then we recommend that you complete the configuration process, then edit your AD configuration later.

    2. Optionally edit the domain controllers and global catalog.

    3. Click Continue and proceed to step 8.

  3. If you selected Manual configuration, do the following: 

    1. On the Details page of the Configure Active Directory wizard, click Add a Domain Controller Now or the Create button and complete the following:

      Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.

      Field

      Value
      Name Enter the domain controller name.
      Security Select whether you want to use no security or SSL.

      Port

      Enter the port for the domain controller or global catalog.

      User Search Context (Base DN) Enter the Base DN to use for searching users.

      Group Search Context (Base DN)

      Enter the BASE DN to use for searching groups.

      Note: The Add a Domain Controller Now link is only available the first time you add a domain controller or global catalog.

    2. Click Add.
    3. Click the Create button to create an additional domain controller, or click Continue.

    4. On the Global Catalogs page, click Add a Global Catalog Now or the Create button and complete the following:

      Important: The same domain controller must be entered as both a Domain Controller and as a Global Catalog.

      Field

      Value
      Name Enter the domain controller name.
      Security Select whether you want to use no security or SSL.

      Port

      Enter the port for the domain controller or global catalog.

      User Search Context (Base DN) Enter the Base DN to use for searching users.

      Group Search Context (Base DN)

      Enter the BASE DN to use for searching groups.

    5. Click Add.

    6. Click the Create button to create an additional global domain, or click Continue.

    7. On the Add Additional Domains pop-up, choose one of the following:

      • Click Add Additional Domains if you want to add one or more domains in addition to the default domain.

        On the Additional Domains page, click Add a Domain Now or the Create button, enter the domain information, and click Continue.

      • Click Skip.
    8. Click Close and proceed to step 8.

  4. On the ASC_SuperAdmin Role Mapping page, enter the group name for the ASC_SuperAdmin user.

    The group name is the Active Directory security group name. Select the AD group name that you want to associate with the default role. The group names are automatically populated by CloudControl.

  5. Click Continue.
  6. On the Summary page, review your changes, then click Apply.
  7. Click Apply AD settings and Log Out in the confirmation window.

  1. Click OK to confirm.

    Both the setup process and the Active Directory configuration process completes.

Once the process is complete, the CloudControl GUI is rebooted. You must use your AD credentials to log back in to CloudControl.