Active Directory Application

📘

Note

This application is only relevant to those accessing via the Atmos Agent.

Using the Atmos Agent, administrators can allow users to authenticate with Active Directory and access its services. To configure an Active Directory application, admins must specify the Active Directory’s Domain, DNS Servers, and the address of any additional services in the internal network (for example LDAP or Kerberos servers). After creating the application and adding it to the policy rules users can access the Active Directory services.

Adding an Active Directory Application

  1. In the Management Console, go to Settings -> Applications > New Application.
  2. In the Network Access area, select Active Directory.
3276

Step 1: Active Directory Domain

  1. Add the Active Directory domain you want the app to resolve.
  2. Add a name for the application
  3. Active Directory Domain
3286
  1. Enter your organization’s Active Directory Domain.
  2. Click Next.

Step 2: Active Directory DNS Servers

  1. Enter the Domain addresses to your Active Directory DNS/DC servers. If you are running Infoblox, enter your Infloblox servers.
  2. Click Add a Server to add another server domain.
  3. Click the remove icon to remove a server domain.
  4. Click Next.
3282

Step 3: Additional Active Directory Servers

Add the domain addresses of any additional Active Directory Services' servers in your internal network. These could be Kerberos servers, LDAP, Global Catalog, Password Change service, and more.

  1. Click Add a Server to include another server domain.
  2. Click the remove icon to remove a server domain.
  3. Click Next.
3294

Step 4: Local Port Range

Add the different port ranges through which the application is accessed.

  1. Enter port ranges matching the addresses entered in step 2: Active Directory DNS Servers.
    The ports used by Active Directory servers are configured by default: 135, 445, 88, 53, 636, 389, 1024-65535.
  2. Click the remove icon to remove a port range.
  3. Click Add a Port Range to include another port range.
  4. Select the Enable ICMP traffic option to check connectivity on a Network Range.
    For a list of supported ICMP commands and requirements, click here.
  5. Click Next.
3292

Step 5: Connector Zone

Each application has a defined Connector Zone through which the Atmos Agent can access the application.

  1. Click the Connector zone drop-down menu to select a Connector Zone that can reach the IP address range.
  2. Click Next.

📘

Note

When you enable ICMP, use any connector except for the Public Connector zone.

3278

Step 6: Application Tags

Tags help creating policy rules fast and efficiently for groups of applications. Click Creating a New Application Tag ] to learn about creating application tags.

  1. Start typing to create new tags, or choose from the Tags drop-down menu.
  2. Click Submit.
3276

📘

Note

To commit your changes, navigate to the top-right menu, click Apply Changes, then select Commit Changes.