Configuring LDAP-bind authentication profiles for use with Integrated Windows Authentication

You can configure an LDAP-bind authentication profile that connects to an Active Directory server to support Integrated Windows Authentication. Under this configuration, users of the SafeLinx Client for Windows can authenticate with the SafeLinx Server with their Windows credentials. Integrated Windows Authentication is sometimes referred to as the Pre-Logon Access Provider (PLAP), or as GINA (Graphical Identification and Authentication).

Configure an LDAP-bind authentication profile to connect to an Active Directory server. For more information, see Adding LDAP-bind authentication profiles.
You can enable users of the SafeLinx Client for Windows to use their Windows credentials to authenticate with the SafeLinx Server. To configure SafeLinx to work with Integrated Windows Authentication, you must include specific settings in the LDAP-bind or RADIUS authentication profile that governs authentication for the SafeLinx Client users.

After you configure the authentication profile, you must also configure the SafeLinx Client for Windows to enable users to log in with their Windows credentials.

To configure an LDAP-bind authentication profile to support Integrated Windows Authentication, complete the following procedure.

  1. From the SafeLinx Administrator, expand the OU that contains the authentication profiles for your deployment and double-click Authentication Profile.
  2. From the Authentication Profile resource list, click the LDAP-bind authentication profile that you want to configure, and then click Properties.
  3. On the General page of the LDAP-bind authentication profile, select Request Windows credentials from GINA.
  4. On the LDAP page, type sAMAccountName in the User key field field.
  5. In the LDAP Attribute used for lock status field, type userAccountControl.
  6. Configure the SafeLinx Client for Windows to support the use of Windows login credentials to authenticate with the SafeLinx Server.
    For more information, see The SafeLinx Client for Windows in the SafeLinx Clients section.