Specifications

ManualsBrandsRaritan ManualsComputer equipmentCOMMANDCENTER 2.20 -

131

132

133

134

135

136

137

138

139

140

122 COMMANDCENTER SECURE GATEWAY ADMINISTRATOR GUIDE

2. For each domain in the Trust Partner column, click the Trust Direction drop-down menu,

and then select the direction of trust you want to establish between the domains. Trust

directions are updated in all AD modules when you make changes to one AD module.

• Incoming: information will be trusted coming in from the domain. In the figure

above, AD Module 2 would trust information coming in from AD Module 1

• Outgoing: information will be trusted going to the selected domain. In the figure

above, AD Module 1 would trust information coming in from AD Module2.

• Bidirectional: information will be trusted in both directions from each domain.

• Disabled: information will not be exchanged between the domains.

3. Click Apply to save your changes, and then click OK to save the AD module and exit the

window.

4. The new AD module appears in the Security Manager screen, under External AA Servers.

Check the Authentication checkbox if you want CC-SG to use the AD module for

authentication of users. Check the Authorization checkbox if you want CC-SG to use the

AD module for authorization of users.

5. Click Update to save your changes.

Edit AD Modules

Once you have configured AD modules, you can edit them at any time.

1. On the Administration menu, click Security.

2. Select the AD module you want edit, and then click Edit.

3. Click each tab in the Edit Module window to view the configured settings. Make changes as

needed. Please refer to the previous sections on

AD General Settings, AD Advanced

Settings, AD Group Settings, and AD Trust Settings for additional information.

4. If you change the connection information, click Test Connection to test the connection to the

AD server using the given parameters. You should receive a confirmation of a successful

connection. If you do not see a confirmation, review the settings carefully for errors and try

again.

5. Click OK to save your changes. You must synchronize the AD user groups you changed, or

you can synchronize all AD modules to synchronize all groups and users in all modules.

Please refer to

Synchronize AD User Groups and Synchronize All AD Modules for

additional information.

Import AD User Groups

You must specify Group settings in the AD module before you can import groups from the AD

server. Please refer to AD Group Settings on page

119. After making a change to imported

groups or users, you must synchronize the AD user groups you changed so that the imported

groups are mapped to the appropriate groups on AD, and synchronize all AD modules to

synchronize all groups and users in all modules. Please refer to

Synchronize AD User Groups

and

Synchronize All AD Modules for additional information.

You can import nested groups from AD.

Note: Make sure that you have configured the CC-SG DNS and Domain Suffix in Configuration

Manager before attempting to import AD user groups. Please refer to Chapter 13: Configuration

Manager for additional information.

1. On the Administration menu, click Security.

2. Select the AD module from which you want to import AD user groups.