This solution applies to all Barracuda SSL VPN.
In most cases when the SSL VPN is configured to use an Active Directory or LDAP User Database it is only required that the SSL VPN be able to access to domain controller and read from but not write to the database. It is possible, however, to enable Read/Write access by changing the Read Only option.
In most cases the Read Only level of access is sufficient for the requirements of the system. In the small number of cases where it is necessary to allow changes to be made to the database through the SSL VPN Read/Write access can provide the ability for users to change their passwords and creating new users and group for the database from with-in the SSL VPN.
To enable Read/Write connectivity between the SSL VPN and Domain Controller:
- Go to ACCESS CONTROL > User Databases.
- Open the Edit page for the User Database.
- In the Connection section set the Protocol option to use SSL.
- The Service Account must now be a user that has either administrative permissions or at least permission to change passwords in the database.
- In the Options section set the Read Only option to No.
- Save the User Database.
When Read Only access has been disabled some options in the Accounts and Groups pages will become available (Create Accounts/Groups, change Password, etc). The user database will still follow the configuration options that have been set in the SSL VPN, so changes that are made will be cached and applied to the Domain Controller at the next cache refresh (if the database is configured in such a way).
Link to this page: