2.8  Mapping of user accounts and groups from the Active Directory

To enable disposal of Active Directory user accounts, set mapping of a corresponding domain and define a template that will apply specific WinRoute parameters (user rights, data transfer quotas, etc.) to all users.

Domain mapping

Therefore, it is not necessary to define local user accounts in WinRoute. Simply map a corresponding domain. To set Active Directory domain mapping, go to the Active Directory tab under User and Groups → Users.

To set mapping, DNS name of the domain is required — company.com in our example, along with login data of any user belonging to this domain. For automatic authentication with NTLM (web browsers, Kerio Outlook Connector, etc.), name of the corresponding Windows NT domain is also required (i.e. COMPANY).

Creating templates for user accounts

On the User Accounts tab, select the mapped Active Directory domain, i.e. company.com. If mapping is set correctly, all user accounts included in the domain will be displayed here.

Click on the Template button to define a template for user accounts. It is also intended to enable remote users to access the local network by Kerio VPN Client or Clientless SSL-VPN. Set user rights on the Rights tab.

Hint

In case you do not want to use any of the domain accounts, you can block them in WinRoute and hide blocked accounts. The accounts will be blocked only in WinRoute, they will stay active in the domain. Accounts blocked on the domain server will not be even imported to WinRoute.