Configuring LDAP-bind authentication profiles for use with Integrated Windows Authentication
You can configure an LDAP-bind authentication profile that connects to an Active Directory server to support Integrated Windows Authentication. Under this configuration, users of the SafeLinx Client for Windows can authenticate with the SafeLinx Server with their Windows credentials. Integrated Windows Authentication is sometimes referred to as the Pre-Logon Access Provider (PLAP), or as GINA (Graphical Identification and Authentication).
After you configure the authentication profile, you must also configure the SafeLinx Client for Windows to enable users to log in with their Windows credentials.
To configure an LDAP-bind authentication profile to support Integrated Windows Authentication, complete the following procedure.
- From the SafeLinx Administrator, expand the OU that contains the authentication profiles for your deployment and double-click Authentication Profile.
- From the Authentication Profile resource list, click the LDAP-bind authentication profile that you want to configure, and then click Properties.
- On the General page of the LDAP-bind authentication profile, select Request Windows credentials from GINA.
- On the LDAP page, type sAMAccountName in the User key field field.
- In the LDAP Attribute used for lock status field, type userAccountControl.
Configure the SafeLinx Client for Windows to support the use of Windows login credentials to
authenticate with the SafeLinx Server.
For more information, see The SafeLinx Client for Windows in the SafeLinx Clients section.