Filter
Top Products
User Management
667
SonicOS Enhanced 4.0 Administrator Guide
The SonicWALL security appliance can retrieve group memberships more efficiently in the case
of Active Directory by taking advantage of its unique trait of returning a ‘memberOf’ attribute for
a user.
Step 31 Click the Import user groups button to import user groups from the LDAP server. The names
of user groups on the LDAP server need to be duplicated on the SonicWALL if they are to be
used in policy rules, CFS policies, etc.
Step 32 Select the LDAP Relay tab.
Step 33 Check the Enable RADIUS to LDAP Relay box to enable RADIUS to LDAP relay. The RADIUS
to LDAP Relay feature is designed for use in a topology where there is a central site with an
LDAP/AD server and a central SonicWALL security appliance with remote satellite sites
connected into it using SonicWALL security appliances that may not support LDAP. In that case
the central SonicWALL security appliance can operate as a RADIUS server for the remote
SonicWALL security appliances, acting as a gateway between RADIUS and LDAP, and relaying
authentication requests from them to the LDAP server.
Additionally, for remote SonicWALL security appliances running non-enhanced firmware, with
this feature the central SonicWALL security appliance can return legacy user privilege
information to them based on user group memberships learned using LDAP. This avoids what
can be very complex configuration of an external RADIUS server such as IAS for those
SonicWALL security appliances.
Step 34 Under Allow RADIUS clients to connect via, check the relevant checkboxes and policy rules
will be added to allow incoming Radius requests accordingly. The options are:
–
Trusted Zones
–
WAN Zone
–
Public Zones
–
Wireless Zones