We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SSL VPN

How do I configure Active Directory authentication over LDAP on my Barracuda SSL VPN?

  • Type: Knowledgebase
  • Date changed: 9 years ago
Solution #00003816

Scope:
This solution applies to Barracuda SSL VPNs, all firmware versions.

Answer:

This article describes how to configure SSL VPN's LDAP user database option to connect to an Active Directory. This may be required if for some reason you are unable to use the Active Directory user database option to configure AD.

Log on as the super user, ssladmin and go to Access Control > User Databases. Click the LDAP tab which will bring up the options to configure a new database, or you could choose to edit the Default User Database and then choose the LDAP tab.

You will now be presented with the LDAP database configuration page, you must enter your LDAP settings before continuing. The following settings are required:-

Set the hostname to the domain controller and enter the base DN for your Active Directory. If you are unsure as to what this is you can create it from your domain name. For example if your domain is mydomain.com then the base DN will be DC=mydomain,DC=com.

Like the standard Active Directory database you will need a service account for SSL VPN to access user and group information. Create an account if required and then enter the account’s DN and password where required. Again, if you are unsure then you can construct it using the following technique. If the account was created with Bob as the user's first name, Smith as his surname and the account resides in an organizational unit called Employees you would enter CN=Bob Smith,OU=Users. Normally the DN would also have the base DN appended to it but SSL VPN will automatically add this for you at runtime.

 

Now you must configure the user and role classes and their attributes, you can leave all the settings as default except for the following:

Username Attribute: sAMAccountName
Email Attribute: mail
Role Membership Attribute: memberOf
Role membership attribute contains DN?: ticked

Role Class: group
Role Membership Attribute: member

There is no need to edit the Adanced Options unless you need to alter the port number from the default 389.


Link to This Page:
https://campus.barracuda.com/solution/50160000000HUkdAAG