This article walks you through creating a new Realm in your SSH Gateway that is connected to your Active Directory user database. Once configured your users will be able to login to your SSH Gateway using their Active Directory credentials.
Step 1. Install Active Directory Extension
First you will need to ensure the Active Directory extension is installed. Goto the extensions section and check for the Active Directory Realms extension in the Installed tab. If its not present, you can install it by selecting the Available tab and clicking on the download icon on the right of the extension panel.
If the extension is already installed you can skip this and move onto Step 2.
Once the extension has completed download you can Restart the server. After restart, proceed to Step 2.
Step 2. Creating a new Realm
Once the server has restarted go to System > Realms and select the Create option.
You'll be presented with the Realm Creation page, if Active Directory extension has installed correctly you will see that the default Realm Type is set to Active Directory
You'll need to set the Realm Name for identification, the hostname and domains of the domain controller, the protocol used by the domain controller (SSL or Plain), and credentials for the service account that is used to maintain the connection.
The other tabs displayed allow you to set more specific options such as the Base DN and fine tune reconcile settings. The connection should complete with just the Details tab completed.
Click Create to complete the operation and create the Realm. The image below shows the newly created realm in the System's Realm table.
Step 3. Switch to the new Realm.
As the System Administrator you are able to view and navigate through all Realms in the system. Once your new Realm has been created you will need to switch into it before you can configure it.
In the top right hand corner select the Realms icon and select your new Realm from the dropdown list. Once you have switched you will notice the footer text change to indicate which Realm you are currently in.
If you now navigate to Access Control > Users you should be able to see your user accounts. If you have a particularly large Active Directory it may take some time for users to appear in the list.
Step 4. Assign a Realm Administrator
This step is optional, you can manage the new Realm using the System Administrator account. However you may want to grant Administrative access to some users within the Active Directory.
Any user that you place into the Administrator Role will have full administrative rights solely within their own Realm. They will only be able to manage users, roles, resources created within the Realm they reside.
To do this, navigate to the Access Control > Roles table and edit the Administrator Role.
In this article we installed the Active Directory extension, created an Active Directory Realm and then switched into the Realm to configure its Administrators.