This solution applies to Barracuda SSL VPNs, all firmware versions.
This article describes how to configure SSL VPN's LDAP user
database option to connect to an Active Directory. This may be required if for
some reason you are unable to use the Active Directory user database option to
Log on as the super user, ssladmin and go to Access Control > User Databases. Click the LDAP tab which will bring up the options to configure a new database, or you could choose to edit the Default User Database and then choose the LDAP tab.
You will now be presented with the LDAP database configuration page, you must enter your LDAP settings before continuing. The following settings are required:-
Set the hostname to the domain controller and enter the base DN for your Active Directory. If you are unsure as to what this is you can create it from your domain name. For example if your domain is mydomain.com then the base DN will be DC=mydomain,DC=com.
Like the standard Active Directory database you will need a service account for SSL VPN to access user and group information. Create an account if required and then enter the account’s DN and password where required. Again, if you are unsure then you can construct it using the following technique. If the account was created with Bob as the user's first name, Smith as his surname and the account resides in an organizational unit called Employees you would enter CN=Bob Smith,OU=Users. Normally the DN would also have the base DN appended to it but SSL VPN will automatically add this for you at runtime.
Now you must configure the user and role classes and their
attributes, you can leave all the settings as default except for the following:
Username Attribute: sAMAccountName
Email Attribute: mail
Role Membership Attribute: memberOf
Role membership attribute contains DN?: ticked
Role Class: group
Role Membership Attribute: member
There is no need to edit the Adanced Options unless you need to alter the port number from the default 389.
Link to This Page: