Skip to content

Configuring the Active Directory for CAS Manager

CAS Manager uses Lightweight Directory Access Protocol (LDAP) or Secure Lightweight Directory Access Protocol (LDAPS) with Active Directory servers for user authentication. LDAPS is recommended to give you a more secure environment, through the use of an Active Directory Certificate, which should be available before activating the Active Directory configuration.

The following section details how to configure and add an existing Active Directory with CAS Manager. You must have an existing Active Directory to use with CAS Manager.

Test LDAPS

The first step is to test LDAPS. For information on adding a self-signed certificate to enable LDAPs, see the following KB article.

The following command outlines how to test LDAPS through PowerShell as an Admin. Enter the name of your domain controller in place of dc1.example.com:

openssl s_client -connect "dc1.example.com":636

If you see a certificate successfully returned, then LDAPS for the Active Directory is configured and functioning.

Configure Active Directory for CAS Manager

The following steps outline how to configure the Active Directory for CAS Manager:

  1. Open the system Control Panel and select Administrative Tools.
  2. Click Active Directory Users and Computers from the list of options. If you don't have an Active Directory installed, then this option will not appear.

  3. Create the following groups and users within the Users folder:

    New Group: TESTGROUP New User: testUser

    The group and user names used above are just examples and can be replaced with any names you choose.

  4. Once you have created this new group and user you need to access the CAS Manager Admin Console and configure the Active Directory. For information on how to do this, see Active Directory Integration.

If you are using the CAS Manager as a simple broker without power management, the Active Directory user you select will need to have read permission to query the Active Directory. A simple Domain Users group will suffice. If you are using the CAS Manager with power management features enabled, please see the following section of the CAS Manager Administrator's guide, here.