Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 1 reply
  • Subscribers 26 subscribers
  • Views 10274 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

(Add) LDAP Server (Troubles with Authentication)

AndréAegerter

 

Hi all

Yesterday i tried a LDAP Server to add, but nothing work?!
look the Pictures please.

1. what attributes are allowed for "Add LDAP Server"? I used the mail Attribute, also the Windows Attribute UserPrincipalName or Displa Name, nothing works :-(

Why i Need a LDAP Server for Authentication? for Exchange Protection (WAF) with the following Authentication Policies: "Form with passthrough". By the UTM 9.x, you needed LDAP Authentication. That's why I'm trying here, even with LDAP, with Active Directory didn't work.

With the Active Directory authentication, the window (Authentication) hooked up again and again, is not gone.
now I've been using the Sophos XG exactly the same Problem.

Note: with Active Directory is loaded in the Background, the OWA, but in the foreground is the Sophos window (authentication) does not disappear, unfortunately?
The Exchange Configuration, i had configured Basic Authentication.

2. How to configure WAF Protection for Exchange in 2016, with the Reverse authentication (authetic ation Policies > Form with Passthrough)?



This thread was automatically locked due to age.
Parents
  • 0

     

     

    Hi all

    Because I got no help, here is the solution from my self :-)
    Note: Here are the basics for OWA in Conjunction with the Authentication Policy "Form with passthrough" (you can also customize the template which present the owa window login).

    1. In my opinion, for tha Scenario we Need a Authentication with the LDAP Protocol, in other words: we Need for that a LDAP Server which have also the credentials for browsing the Active Directory, in my case Server 2016. The User for that can have basic permissions, there are no admin Rights necessary!

    2. you also need to customize the Authentication Policie (Form with passthrough) how you can see also in my Picture.
        Note: for me worked only the (Sophos) Open Group. When i changed this group to a Active Directory Group with the Member which makes the OWA Login, it dosen't work for me??!!
        The window Login no longer disappears?!

    3. The next step is the configuration for the Firewall Policy (with the Exchange Services as OWA, ECP, OAB and more). There are two directories /owa (and /OWA) and /ecp (and /ECP) have the authentication to change to "Form with passthrough"

    So, hope didn't forget anything. a lot of fun :-)

Reply
  • 0

     

     

    Hi all

    Because I got no help, here is the solution from my self :-)
    Note: Here are the basics for OWA in Conjunction with the Authentication Policy "Form with passthrough" (you can also customize the template which present the owa window login).

    1. In my opinion, for tha Scenario we Need a Authentication with the LDAP Protocol, in other words: we Need for that a LDAP Server which have also the credentials for browsing the Active Directory, in my case Server 2016. The User for that can have basic permissions, there are no admin Rights necessary!

    2. you also need to customize the Authentication Policie (Form with passthrough) how you can see also in my Picture.
        Note: for me worked only the (Sophos) Open Group. When i changed this group to a Active Directory Group with the Member which makes the OWA Login, it dosen't work for me??!!
        The window Login no longer disappears?!

    3. The next step is the configuration for the Firewall Policy (with the Exchange Services as OWA, ECP, OAB and more). There are two directories /owa (and /OWA) and /ecp (and /ECP) have the authentication to change to "Form with passthrough"

    So, hope didn't forget anything. a lot of fun :-)

Children
No Data