Dell SonicWALL Directory Services Connector 3.7
Administration Guide
2
6
Directory Services Connector overview
This chapter provides an overview of the Dell SonicWALL Directory Services Connector (DSC). It includes an
introduction to DSC and the SSO Agent, along with the supported user identification methods and platform
compatibilities.
Topics:
•
About Single Sign-On
on page
6
•
About Directory Services Connector
on page
6
•
About Agent-to-Agent communication
on page
7
•
About the SSO Agent cache
on page
8
•
About Single Sign-On with Active Directory or LDAP
on page
9
•
About Single Sign-On with Novell eDirectory
on page
10
•
About user identification methods
on page
11
•
About client probing with NETAPI or WMI
on page
11
•
About DC security logs
on page
11
•
About using Samba on Linux/UNIX clients
on page
13
•
Platform compatibility
on page
13
About Single Sign-On
Single Sign-On (SSO) is a transparent user authentication mechanism that provides privileged access to multiple
network resources with a single workstation login. Dell SonicWALL security appliances provide SSO functionality
using the Dell SonicWALL Single Sign-On Agent (SSO Agent) to identify user activity based on the workstation IP
address.
SSO is configured in the Users > Settings page of the SonicOS management interface. SSO is separate from the
authentication method for login settings that can be used at the same time for authentication of VPN/L2TP
client users or administrative users.
About Directory Services Connector
Dell SonicWALL Directory Services Connector includes the Dell SonicWALL Single Sign-On Agent (SSO Agent) as
well as certain configuration functions. The SSO Agent provides centralized user-identification to Dell
SonicWALL network security appliances, interacting with the SonicOS Single Sign-On feature.
Directory Services Connector provides integration with both Active Directory and Novell eDirectory. Specifically,
these are supported as follows:
1 Dell SonicWALL SuperMassive series, E-Class NSA series, NSA series, and TZ series appliances (TZ 100 and
newer) to achieve transparent, automated Single Sign-On integration with both Active Directory and
Novell eDirectory.