We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Step 2 - Configure Active Directory

  • Last updated on

Barracuda highly recommends creating an additional administrator account using an independent domain that does not use Active Directory (AD) authentication. This allows you access to your Barracuda Cloud Archiving Service account if your AD server goes down or fails.

You must configure LDAP or Azure AD for group expansion and user attributes in the Barracuda Cloud Archiving Service.

Active Directory Limitations
Barracuda does not support using default AD groups, such as Domain Users, when applying entitlements for user access. Due to limitations within AD, these groups may not contain all users or any users at all.

Verify User Status
Before adding users to the Barracuda Cloud Archiving Service via your organization's LDAP servers, verify that users are enabled, are members of the domain, and that the mail attribute is set for each user.

Incoming Connections
To ensure uninterrupted access to LDAP server from the Barracuda Cloud, you must allow incoming connections from the following IP ranges:

  • 64.235.144.0/20
  • 35.170.131.81
  • 54.156.244.63
  • 54.209.169.44

Secure LDAP
Barracuda Networks recommends connecting your LDAP connection using SSL (LDAPS). As the information will be transmitted between Barracuda's cloud servers and your Cloud email service, you must ensure that the connection is secure. Contact your IT Administrator if you need help setting up LDAPS in your network.

Use AD authentication to store and administer Barracuda Cloud Archiving Service user accounts via your organization's LDAP or Azure AD.

When you first set up the Barracuda Cloud Archiving Service, a warning notice displays across the top of the web interface notifying you that you must configure AD through Barracuda Cloud Control and enable groups. Before you continue, you are required to either set up AD and wait for a sync to complete, or select to proceed without AD. Barracuda Networks highly recommends setting up local AD.

Add LDAP Active Directory

Use the following steps to set up Barracuda Cloud Control LDAP authentication:

  1. Log in to https://login.barracudanetworks.com/ as the account administrator, and go to Admin > Directories.

  2. Click Add Directory > LDAP Active Directory; the Create Directory wizard displays. In the Info page, specify the following details:
    1. Enter a name to represent the directory in the Directory Name field.
    2. Toggle User / Group Sync to On to synchronize with AD.
    3. Toggle Authenticate to On to allow users to authenticate using their LDAP AD credentials. When toggled Off, users must authenticate using their Barracuda Cloud Control credentials.
    4. Optionally, enter the administrator contact email address:
      CreateDirectory.png
  3. Click Save & Continue.
  4. In the Host page, enter the following details for your LDAP host:
    1. LDAP Host IP address

    2. LDAP Host Port

    3. Base domain name

    4. Username

    5. Password

    6. Select the Connection Security as STARTTLS, LDAPS, or None.

  5. Click Add Domain; the domain is added to the Domains field. Click Verify.
  6. Click Test to verify connectivity. If the connection is successful, Connected displays. If the connection fails, verify the entered LDAP host details. Click Continue.
  7. In the Domains page, click Add domain to add the domain to the AD configuration. Complete this step for each domain you want to add.
  8. To verify you own the domains you plan to include in your AD configuration, select the manner in which to verify the domains:
    • Copy a META tag to your domain header, or
    • Add a TXT record to your host's DNS management settings
      VerifyDomain.png
  9. Click Verify. Once the domain is verified, it is added to the Directories table in the Admin > Directories page in Barracuda Cloud Control.

Add Azure Active Directory

See also: Azure AD with Active Directory Federation Services

Use the following steps to set up Barracuda Cloud Control Azure AD authentication:

  1. Log in to https://login.barracudanetworks.com/ as the account administrator, and go to Admin > Directories.

  2. Click Add Directory > Azure Active Directory; the Create Directory wizard displays. In the Info page, enter a name to represent the directory in the Directory Name field.
  3. Click Connect to Microsoft to sign in to Microsoft and authorize Barracuda Cloud Control to connect to your Azure AD account.
  4. Once authorization is complete, toggle User / Group Sync to On to synchronize with Azure AD.
  5. Toggle Authenticate to On to allow users to authenticate using their Azure AD credentials. When toggled Off, users must authenticate using their Barracuda Cloud Control credentials.
  6. Optionally, enter the administrator contact email address. Click Save & Continue.
  7. Once verification is complete, your Azure AD domains display in the wizard. Click Done.

For end-user authentication, refer to How to Set Up Active Directory Groups for End-User Authentication.

 

 

Last updated on