You can connect only to one Active Directory domain. To do so, you must configure a connection to the domain controller.
To configure a connection to an Active Directory domain controller:
<hostname or IP address of server>:<port>
In case of server availability issues, you can specify multiple servers with domain controllers by separating them with commas. All of the specified servers must reside in the same domain.
When the startTLS method is used, an unencrypted connection is first established over port 389, and then an encryption request is sent. If the STARTTLS command ends with an error, the connection is terminated.
Make sure that port 389 is open. Otherwise, a connection with the domain controller will be impossible.
When using SSL, an encrypted connection is immediately established over port 636.
When using an encrypted connection, it is impossible to specify an IP address as a URL.
If no certificate was previously added, the drop-down list shows No data.
The certificate will be uploaded and displayed in the Secret list.
If multiple addresses are indicated in the URL field, KUMA will wait the specified number of seconds for a response from the first server. If no response is received during that time, the program will contact the next server, and so on. If none of the indicated servers responds during the specified amount of time, the connection will be terminated with an error.
If a user matches two groups in the same tenant, the role with the least privileges will be used.
Filter input example: CN=KUMA team,OU=Groups,OU=Clients,DC=test,DC=domain
A connection with the Active Directory domain controller is now configured. For domain authorization to work, you must also add groups of KUMA user roles.
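A preflight check for the URL field rules described above (address format, ports per encryption method, no IP addresses with encryption, ordered failover with a timeout), as an added example that is not part of the KUMA documentation or product. The function names and the DNS-suffix heuristic for "same domain" are assumptions, and `first_responding` tests TCP reachability only, not the LDAP bind.

```python
import ipaddress
import socket

# Ports as stated on this page for each encryption method.
EXPECTED_PORT = {"startTLS": 389, "ssl": 636}

def parse_servers(url_field):
    """Split the URL field into (host, port) pairs; raise ValueError on bad entries."""
    servers = []
    for entry in url_field.split(","):
        host, sep, port = entry.strip().rpartition(":")
        if not sep or not host or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"expected <host>:<port>, got {entry.strip()!r}")
        servers.append((host, int(port)))
    return servers

def is_ip(host):
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def preflight(url_field, mode):
    """Return a list of problems for the URL field and mode ('startTLS' or 'ssl')."""
    problems = []
    servers = parse_servers(url_field)
    for host, port in servers:
        if is_ip(host):
            problems.append(f"{host}: IP address not allowed with an encrypted connection")
        if port != EXPECTED_PORT[mode]:
            problems.append(f"{host}:{port}: {mode} is described as using port {EXPECTED_PORT[mode]}")
    # Heuristic (assumption): domain controllers of one domain share a DNS suffix.
    suffixes = {h.partition(".")[2].lower() for h, _ in servers if not is_ip(h)}
    if len(suffixes) > 1:
        problems.append(f"servers have different DNS suffixes: {sorted(suffixes)}")
    return problems

def first_responding(servers, timeout, connect=socket.create_connection):
    """Try servers in order, waiting `timeout` seconds for each; TCP check only."""
    for host, port in servers:
        try:
            connect((host, port), timeout).close()
            return host, port
        except OSError:  # covers timeouts, refused connections, DNS failures
            continue
    raise ConnectionError("none of the specified servers responded")
```

Run `preflight()` on the value before saving it, then `first_responding(parse_servers(value), timeout)` from the KUMA host to confirm that at least one listed server accepts connections on the chosen port.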
You can also check the connection for the previously entered domain controller connection settings.
To check the connection to the domain controller:
If necessary, you can create a new secret by clicking the button or change the settings of an existing secret by clicking the button.
A pop-up notification is displayed with the test results. The pop-up notification shows the following message: Connection established. If a connection could not be established, the reason for the lack of connection is displayed.