active_directory_integration

Active Directory Integration

Integrate OfficeScan with your Microsoft™ Active Directory™ structure to manage OfficeScan clients more efficiently, assign Web console permissions using Active Directory accounts, and determine which endpoints do not have security software installed. All users in the network domain can have secure access to the OfficeScan console. You can also configure limited access to specific users, even those in another domain. The authentication process and the encryption key provide validation of credentials for users.

Active Directory integration allows you to take full advantage of the following features:

Role-based administration: Assign specific administrative responsibilities to users by granting them access to the product console using their Active Directory accounts. For details, refer to Role-based Administration.
Custom client groups: Use Active Directory or IP addresses to manually group clients and map them to domains in the OfficeScan client tree. For details, refer to Automatic Client Grouping.
Outside Server Management: Ensure that computers in the network that are not managed by the OfficeScan server comply with your company’s security guidelines. For details, refer to Outside Server Management.

Manually or periodically synchronize the Active Directory structure with the OfficeScan server to ensure data consistency. For details, refer to Synchronizing Active Directory with OfficeScan.

To integrate Active Directory with OfficeScan: >>>

administration > Active directory > Active directory Integration

Under Active Directory Domains, specify the Active Directory domain name.
If the OfficeScan server is not part of the network, click Enter domain credentials and then type the domain credentials and an encryption key.
In the screen that opens, type the user name and password OfficeScan will use to query the Active Directory domain.

Ensure that the domain credential does not expire.

Optionally, click the plus button () to enter more than one Active Directory domain, or the minus () button to delete Active Directory domains. Specify domain credentials separately.
For additional security, specify an encryption key and file that OfficeScan uses to transform plaintext into ciphertext when storing the domain credentials in the OfficeScan database. This encryption key supports all file formats.
Click one of the following:

Save: Save the information only. Select this option after changing a setting during critical business hours.
Save and synchronize Active Directory: Save and synchronize Active Directory. Select this option after changing a setting during non-critical business hours.

Optionally schedule periodic synchronizations of the Active Directory domains with the OfficeScan database. For details, refer to Synchronizing Active Directory with OfficeScan.