2.8  Mapping of user accounts and groups from the Active Directory

To enable disposal of Active Directory user accounts, set mapping of a corresponding domain and define a template that will apply specific WinRoute parameters (user rights, data transfer quotas, etc.) to all users.

Domain mapping

There is an Active Directory domain created in the local network. Therefore, it is not necessary to define local user accounts in WinRoute. Simply map a corresponding domain.

To set Active Directory domain mapping, go to the Active Directory tab under User and Groups → Users.

Settings of Active Directory domain mapping

Figure 2.16. Settings of Active Directory domain mapping


Active Directory mapping

Enter the DNS name of the — company.com domain to the Active Directory domain name entry.

The Description item is for better reference only.

Domain Access

WinRoute needs to know username and password for access to the Active Directory database. Access with read rights is satisfactory for this purpose. This means that it is possible to use any user account belonging to the particular domain.

Note: It is not necessary to set the Advanced parameters.

NT authentication

To enable automatic user authentication from web browsers and to keep compatibility with older Windows versions, it is recommended to enable authentication against Windows NT domain.

Use the NT domain name entry to insert a corresponding Windows NT domain name, i.e. COMPANY.

Creating templates for user accounts

On the User Accounts tab, select the mapped Active Directory domain, i.e. company.com.

Overview of user accounts in the mapped domain

Figure 2.17. Overview of user accounts in the mapped domain


Click on the Template button to define a template for user accounts. It is also intended to enable remote users to access the local network by Kerio VPN Client or Clientless SSL-VPN (see chapter 1  Introduction). Set user rights on the Rights tab.

Template for user accounts — setting rights for Kerio VPN and Clientless SSL-VPN

Figure 2.18. Template for user accounts — setting rights for Kerio VPN and Clientless SSL-VPN