Create an Active Directory connection
Connections contain all the information needed to query an Active Directory (AD) domain for available servers. You can use connections to automatically discover and add servers to specific Advanced Server Access projects.
Before you begin
- Create an AD service account with read-only permissions
- Install the Advanced Server Access gateway
- Configure an Advanced Server Access gateway
- Passwordless certificates
Start this task
- Open the Advanced Server Access dashboard.
- Click Connections.
- Click Create Active Directory Connection.
- Configure the connection settings.
  Setting: User Action
  - Name: Enter a name to identify the connection.
  - Gateway: Select an existing gateway.
  - Domain: Enter an existing AD domain URL.
  - Service Account Username: Enter the username for an Active Directory service account. This account needs read-only access to the domain.
    Note: Teams may need to adjust the username format for their specific AD configuration. For example, username, user@domain, or user name.
  - Service Account Password: Enter the password for the service account.
  - Passwordless Authentication: Optional. Select one of the following authentication options:
    - None: Users must manually enter their AD password when connecting to discovered servers.
    - Use an existing certificate: Users can connect to discovered servers without an AD password. Teams must have previously added a passwordless certificate. See Passwordless certificates.
    - Use passwordless and create a self signed certificate: Users can connect to discovered servers without an AD password. When you use this option, Advanced Server Access automatically creates and assigns a self-signed certificate to the connection. This option is only available if the team hasn’t previously created a passwordless certificate.
    Teams can assign a new certificate after creating the connection. See Add a certificate to an Active Directory connection.
- Optional. Click Advanced Configuration and configure the domain controller settings.
  Setting: User Action
  - Domain Controller: Enter the hostname or IP address of a specific domain controller used to query the domain. Separate multiple hostnames with commas (,).
    If you don't specify a domain controller, the gateway performs an SRV record lookup to identify an LDAP server to communicate with. For information on SRV records, see How to verify that SRV DNS records have been created for a domain controller.
- Click Create.
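To pin the connection to specific domain controllers instead of relying on the SRV lookup described under the Domain Controller setting, the following added example (not part of the Advanced Server Access documentation or tooling) converts SRV answers into the comma-separated hostname list that field accepts. The SRV name `_ldap._tcp.dc._msdcs.<domain>`, the function names, and the `corp.example.com` records are assumptions; the page does not state which SRV name the gateway queries.

```shell
#!/bin/sh
# Added example: build a Domain Controller field value from SRV answers.

# Assumption: the standard AD domain controller locator name. The page does
# not say which SRV name the gateway itself looks up.
srv_name() {
    printf '_ldap._tcp.dc._msdcs.%s\n' "$1"
}

# Reads `dig +short SRV` style lines on stdin:
#   <priority> <weight> <port> <target.>
# Keeps records on the wanted port (default 389), ignores anything that is
# not a well-formed SRV answer (resolver errors, comments), and prints the
# targets as one comma-separated line. Order is lowest priority first, then
# highest weight, then name; this is only a stable, readable ordering.
srv_to_dc_list() {
    want_port="${1:-389}"
    awk -v p="$want_port" '
        NF == 4 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 == p {
            sub(/\.$/, "", $4)            # drop the trailing root dot
            print $1, $2, tolower($4)
        }' |
    sort -k1,1n -k2,2nr -k3,3 |
    awk '!seen[$3]++ { printf "%s%s", sep, $3; sep = "," }
         END { if (NR) print "" }'
}

# Constructed sample answer for a hypothetical corp.example.com domain.
SAMPLE_SRV='0 100 389 DC02.corp.example.com.
0 100 389 dc01.corp.example.com.
10 50 389 dc-dr.corp.example.com.
0 100 3268 gc01.corp.example.com.
;; connection timed out'

# Live use from the gateway host (requires dig and DNS access):
#   dig +short SRV "$(srv_name corp.example.com)" | srv_to_dc_list
printf '%s\n' "$SAMPLE_SRV" | srv_to_dc_list
```

An empty result from the live query on the gateway host means the SRV fallback has nothing to find there, so either fix DNS resolution for the gateway or fill in the Domain Controller field explicitly.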