HomeHome ArticlesArticles Most Popular ArticlesMost Popular Articles Most Helpful ArticlesMost Helpful Articles Request New ArticleRequest New Article
RSS Feeds
DrillDown Icon Table of Contents Back
 . . . . . . . . . . . . .
DrillDown Icon FAQs on Cyberoam and Sophos Firewall
DrillDown Icon Vulnerability Security Advisories
DrillDown Icon Best Practices & Policies
DrillDown Icon Protect Your Cyberoam Appliances from Power Fluctuations
DrillDown Icon Technical Library
DrillDown Icon Deployment
DrillDown Icon Registration & Licensing
DrillDown Icon System
DrillDown Icon Objects
DrillDown Icon Network
DrillDown Icon Identity
DrillDown Icon Authentication
DrillDown Icon Customize Captive Portal in Cyberoam
DrillDown Icon Active Directory (AD) Authentication
DrillDown Icon Port Requirements in AD-DC local firewall for CTAS connectivity
DrillDown Icon Install Novell eDirectory Compatible CTAS
DrillDown Icon Implement Clientless SSO Authentication in Multiple Active Directory Domain Controller
DrillDown Icon Group Membership behavior in case of Tight Integration with Active Directory
DrillDown Icon Integrate Cyberoam with Active Directory
DrillDown Icon Implement Clientless SSO Authentication in Single AD Domain Controller Environment
DrillDown Icon Implement SSO Authentication with AD (English & Non-English Version)
DrillDown Icon Import AD OUs and Groups
DrillDown Icon I have removed certain users from my AD server. How do I synchronize Cyberoam’s User Database with it?
DrillDown Icon Does Cyberoam import AD users’ email addresses along with their credentials?
DrillDown Icon Is it possible to authenticate Remote Desktop Server users without Active Directory Integration with Cyberoam?
DrillDown Icon How to configure an External Authentication Server to authenticate L2TP/PPTP/IPSec users?
DrillDown Icon NTLM Authentication
DrillDown Icon Configure SSO for WLAN Users Authenticated by RADIUS Server
DrillDown Icon Integrate Cyberoam with Gemalto SA Server NPS Agent
DrillDown Icon How to Login in a Two Factor Authentication Environment?
DrillDown Icon Guest User Creation using Captive Portal
DrillDown Icon Configure Windows Server 2008 as a RADIUS Server with MS-CHAP v2 Authentication
DrillDown Icon Configure Captive Portal URL Redirection
DrillDown Icon Integrate Cyberoam with RSA SecurID as a RADIUS Client
DrillDown Icon Integrate Cyberoam with ESET Secure Authentication Server
DrillDown Icon Allow Specific Websites without Authentication
DrillDown Icon Configure Cyberoam to use RADIUS Server for Authentication
DrillDown Icon Integrate Cyberoam with LDAP Server
DrillDown Icon Serve a Custom Page to unauthenticated users instead of Captive portal
DrillDown Icon How to customize the Default SMS sent to Guest Users?
DrillDown Icon Why is Captive Portal not displayed to users while trying to access Internet when a default Drop Policy is applied?
DrillDown Icon How to set authentication mechanism for L2TP or PPTP VPN users?
DrillDown Icon How to setup the Maximum Session Timeout globally for all users?
DrillDown Icon How do I configure Cyberoam to automatically logout inactive users?
DrillDown Icon Users and Groups
DrillDown Icon Implement Access Time Policy for a User/Group
DrillDown Icon Apply Surfing Quota Policy for User
DrillDown Icon Create a Data Transfer Policy
DrillDown Icon Implement BYOD Security with Cyberoam
DrillDown Icon Firewall
DrillDown Icon VPN
DrillDown Icon IPS
DrillDown Icon Web Filter
DrillDown Icon Application Filter
DrillDown Icon Web Application Firewall (WAF)
DrillDown Icon IM
DrillDown Icon Quality of Service (QoS)
DrillDown Icon Anti Virus
DrillDown Icon Anti Spam
DrillDown Icon Logs & Reports
DrillDown Icon Clients
DrillDown Icon Cyberoam Maintenance
DrillDown Icon Compatibility
DrillDown Icon Archives
DrillDown Icon Visio Stencils for Cyberoam security appliances
DrillDown Icon Product Technical Support
  Subscribe Print PreviewPrint Current Article and All Sub-Articles
Rate Icon Rate Icon Rate Icon Rate Icon Rate Icon
 
Install Novell eDirectory Compatible CTAS


Applicable CTAS Version: 2.0.4.0 onwards

Applicable Cyberoam Version: 10.01.0 Build 739
 

Overview
 
Novell eDirectory is an authentication server used to provide centralized identity management, infrastructure, Net-wide security and scalability to all types of applications running behind a security solution like Cyberoam UTM.

Cyberoam supports Single Sign-on authentication for Novell’s eDirectory through Cyberoam Transparent Authentication Suite (CTAS). CTAS grants access of resources to the users that are successfully authenticated by eDirectory.

Scenario

Install CTAS in server running Novell eDirectory.
 

Configuration

You can install CTAS in eDirectory by following the steps below.

Step 1: Download and Install CTAS on Server or Client System

Download CTAS from http://www.cyberoam.com/cyberoamclients.html and install it on the server or client system.

Note:

During installation, in the last step, enter credentials of the administrator user account on which you want to launch the service. User Name must be in the form .\UserName, e.g., .\administrator. 
 
 

Step 2: Configure CTAS

Launch CTAS and configure it according to steps given below: 

·         Set Domain Type as Novell eDirectory. 
 
  
 
·         Click the ellipses ( ... ) to display the Novell eDirectory Configuration screen. Specify LDAP configuration domain as given below. 
 
 
 
Parameter
Value
Description
IP Address
192.168.2.10
IP Address of the eDirectory server
Port
389
Port on which CTAS will communicate with eDirectory
Base DN
o=cyberoam
The top level of the LDAP directory tree is the base, referred to as the "base DN".
Admin DN
cn=administrator, o=cyberoam
Administrator identification
Password
cyberoam
Administrator password
 
 

      Click Test Connection to test the connectivity with server. Click OK to save configuration.

·         Under CTA Agent tab, select CTA Agent Mode as EDIRECTORY, and add the network(s) to be monitored under Monitored Networks. Here, we have added 192.168.2.1/22 as a monitored network. 
 
 
 
·         Under CTA Collector tab, add Cyberoam IP under Cyberoam Appliances. 
 
 
 
Click OK to save the configuration. 

Step 3: Configure Cyberoam

Logon to CLI Console with default password, go to Option 4 Cyberoam Console and execute following commands at the prompt:

console>cyberoam cta enable

console>cyberoam cta collector add collector-ip <ipaddress> collector-port<port number> 
 
 
 

For Cyberoam versions 10.02.0 Build 473 onwards, you can configure high availability of collectors by executing the following commands: 

console> cyberoam auth cta collector add collector-ip  <ip-address>  collector-port  <port>  create-new-collector-group

console> cyberoam auth cta collector add collector-ip  <ip-address> collector-port  <port>  collector-group  <group-number> 
 
 

Please make sure that you restart management services after enabling the CTA services.












                                                                                                                                              Document Version: 2.0 – 10 October, 2014
Attachments
Article ID: 2340