This topic describes how to configure AD, LDAP, and DNS in the Cloud Storage Gateway (CSG) console.

Background information

Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) are standard application protocols used to query and change directory information. Select the AD or LDAP service that you want to join and configure.

  • File gateways version 1.0.36 and later allow you to configure AD, LDAP, and DNS in the CSG console.
  • You can join an AD domain only after you complete the DNS settings.
  • You can join either an AD or LDAP domain, but not both.
  • The permissions of the current AD domain user, LDAP user, and on-premises user override each other, and whichever is configured last takes effect. After you join or leave an AD domain, or connect to or disconnect from an LDAP server, the user permissions configured in the CIFS share are automatically removed.
  • The AD feature supports 64-bit Windows Server 2016 Datacenter and Windows Server 2012 R2 Datacenter.
  • The LDAP feature supports 64-bit CentOS 7.4 with OpenLDAP 2.4.44.

Configure AD settings

  1. Log on to the CSG console.
  2. On the Gateway Clusters page, find and click the target file gateway.
  3. On the AD/LDAP/DNS page, click Join AD.
  4. In the Add to AD dialog box, set the following parameters and click OK.
    • Server IP Address: Enter the IP address of the AD server.
    • Username: Enter the username of the administrator.
    • Password: Enter the password of the administrator.

    After the connection is established, the status of Connected under Windows Active Directory (AD) changes to Yes.

    Note: After you join the AD domain, the on-premises user permissions configured in the SMB share are removed.

Configure LDAP

  1. Log on to the CSG console.
  2. On the Gateway Clusters page, find and click the target file gateway.
  3. On the AD/LDAP/DNS page, click Establish Connection.
  4. In the Connect LDAP Server dialog box, set the following parameters and click OK.
    • Server IP Address: Enter the IP address of the LDAP server, which is the directory system agent.
    • TLS Support: Specify the method used by the system to communicate with the LDAP server.
    • Base DN: Specify the LDAP domain, for example, dc=iftdomain, or dc=ift.local.
    • Root DN: Specify the root DN, for example, cn=admin, dc=iftdomain, or dc=ift.local.
    • Password: Enter the password of the root directory.

    After the connection is established, the status of Connected under Lightweight Directory Access Protocol (LDAP) becomes Yes.

    Note: After you join the LDAP domain, the on-premises user permissions configured in the SMB share are removed.
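
A pre-check for the TLS Support setting in the Connect LDAP Server dialog box, added here as an example and not part of the CSG documentation or product: it asks the LDAP server for StartTLS and attempts a certificate-verified handshake, so you know what the server offers before the Root DN password is sent to it. Port 389, the choice of StartTLS as the method probed, and all function names are assumptions; the two sample responses are constructed.

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended operation, RFC 4511

# Constructed sample replies (messageID 1): success, and protocolError (2).
SAMPLE_OK = bytes.fromhex("300c02010178070a010004000400")
SAMPLE_REFUSED = bytes.fromhex("300c02010178070a010204000400")


def build_starttls_request() -> bytes:
    """BER-encode an LDAP ExtendedRequest (messageID 1) asking for StartTLS."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    ext = b"\x77" + bytes([len(name)]) + name                   # [APPLICATION 23]
    body = b"\x02\x01\x01" + ext                                # INTEGER messageID = 1
    return b"\x30" + bytes([len(body)]) + body                  # LDAPMessage SEQUENCE


def parse_extended_result(data: bytes) -> int:
    """Return the resultCode of an ExtendedResponse; 0 means success."""
    # Short-form BER lengths only, which covers an ordinary StartTLS reply.
    if len(data) < 10 or data[0] != 0x30 or data[1] & 0x80:
        raise ValueError("not a short-form LDAPMessage")
    if data[2:4] != b"\x02\x01":
        raise ValueError("unexpected messageID encoding")
    if data[5] != 0x78 or data[6] & 0x80:      # [APPLICATION 24] ExtendedResponse
        raise ValueError("not an ExtendedResponse")
    if data[7:9] != b"\x0a\x01":               # ENUMERATED resultCode
        raise ValueError("missing resultCode")
    return data[9]


def probe_starttls(host: str, port: int = 389, timeout: float = 5.0) -> str:
    """Request StartTLS, then attempt a certificate-verified TLS handshake."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_starttls_request())
        code = parse_extended_result(sock.recv(4096))
        if code != 0:
            return f"StartTLS refused (resultCode {code})"
        ctx = ssl.create_default_context()     # system trust store, name/IP check
        try:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return f"StartTLS ok, negotiated {tls.version()}"
        except ssl.SSLCertVerificationError as exc:
            return f"StartTLS offered, certificate not verified: {exc.verify_message}"


if __name__ == "__main__":
    import sys
    print(probe_starttls(sys.argv[1]))
```

Run the script with the LDAP server's IP address as its only argument.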

What to do next

On the AD/LDAP/DNS page, you can also perform the following operations.

Operation | Description
End the AD connection | Under Windows Active Directory (AD), click End Connection.
End the LDAP connection | Under Lightweight Directory Access Protocol (LDAP), click End Connection.
Change DNS servers | Click Switch DNS Server and change DNS server IP addresses.

Note: When you configure DNS for a cloud file gateway to join an AD domain, replace the first IP address of the DNS server with that of the domain controller. Keep the second IP address.