All Products
Search
Document Center

Cloud Storage Gateway:Configure AD, LDAP, and DNS

Last Updated:Jan 08, 2024

This topic describes how to configure Active Directory (AD), Lightweight Directory Access Protocol (LDAP), and DNS in the Cloud Storage Gateway (CSG) console.

Background information

The AD protocols, including LDAP, are standard application protocols used to query and modify data in a directory. You can join and configure an AD or LDAP service based on your business requirements.

  • File gateways version 1.0.36 and later allow you to configure AD, LDAP, and DNS in the CSG console.
  • You can join an AD domain only after you complete the DNS settings.
  • You can join either an AD or LDAP domain, but not both.
  • Only one of the current AD domain user, LDAP user, and on-premises user can take effect. After you join or leave an AD domain, or connect to or disconnect from an LDAP server, existing user permissions configured in the Common Internet File System (CIFS) share are automatically removed.
  • The AD feature supports 64-bit Windows Server 2016 Datacenter and Windows Server 2012 R2 Datacenter.
  • The LDAP feature supports 64-bit CentOS 7.4 with OpenLDAP 2.4.44.

Configure AD

  1. Log on to the CSG console.

  2. In the left-side navigation pane, click Gateways. On the page that appears, locate the file gateway and click the ID of the file gateway.

  3. In the left-side navigation pane, click AD/LDAP/DNS. On the AD/LDAP/DNS page, click Add to AD.
  4. In the Add to Windows AD dialog box, configure the following parameters and click OK.
    • Server IP Address: Enter the IP address of the AD server.
    • Username: Enter the username of the administrator.
    • Password: Enter the password of the administrator.

    After the connection is established, the status of Connected under Windows Active Directory (AD) changes to Yes.

    Note
    • After you join the AD domain, the on-premises user permissions configured in the SMB share are removed.
    • CSG does not support multiple AD domains for a gateway. For example, you can configure either a parent domain or a child domain for a gateway.

Configure LDAP

  1. Log on to the CSG console.

  2. In the left-side navigation pane, click Gateways. On the page that appears, locate the file gateway and click the ID of the file gateway.

  3. In the left-side navigation pane, click AD/LDAP/DNS. On the AD/LDAP/DNS page, click Establish Connection.
  4. In the Connect LDAP Server dialog box, configure the following parameters and click OK.
    • Server IP Address: Enter the IP address of the LDAP server, which is the directory system agent.
    • TLS Support: Specify the method used by the system to communicate with the LDAP server.
    • Base DN: Specify the LDAP domain, for example, dc=iftdomain or dc=ift.local.
    • Root DN: Specify the root DN, for example, cn=admin, dc=iftdomain, or dc=ift.local.
    • Password: Enter the password of the root directory.

    After the connection is established, the status of Connected under Lightweight Directory Access Protocol (LDAP) becomes Yes.

    Note After you join the LDAP domain, the on-premises user permissions configured in the SMB share are removed.

Related operations

On the AD/LDAP/DNS page, you can also perform the following operations.

OperationDescription
End the AD connectionUnder Windows Active Directory (AD), click End Connection.
End the LDAP connectionUnder Lightweight Directory Access Protocol (LDAP), click End Connection.
Change DNS serversClick Switch DNS Server and change the DNS server IP address.
Note When you configure DNS for a cloud file gateway to join an AD domain, replace the first IP address of the DNS server with that of the domain controller. Keep the second IP address.