Question

How do I configure FTK Central to use Active Directory authentication?


Notes: 

  • Active Directory authentication can only be tied to one domain.  If your users are spread over multiple domains, you should not use Active Directory authentication.
  • Application-level, non-domain users will not be able to log in to FTK Central if Active Directory authentication is enabled.

 

Answer

  1.  Log in to FTK Central and click the wrench in the upper-right to go to Administration
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875436/original/2021-07-28_14_35_46-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b18587a295d1541cb50f23a3a0b4514681d294e8c57fa65e7d2e65bffc571fe4
  2. Click System Management in the upper-right
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875437/original/2021-07-28_14_38_27-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=30b445605cb88cfcfd3c94f27a925f085793dd13b475b6320d7571ed78c759d4
  3. Click Active Directory on the left
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875438/original/2021-07-28_14_40_31-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f518d67a7185d14aa3d1ad0e385e97f6a02bf5fe5e14822bef6465e9f0dc81ea
  4. Complete the values as defined below:
    Server: Name or IP of the Domain Controller (this can also be just the domain name itself to automatically choose which domain controller to use)
    Port: LDAP port
    Global Catalog: Whether or not to use Global Catalog
    Base DN: Distinguished Name of the base OU
    User DN: Username of a user with Domain Read Object privileges
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875439/original/2021-07-28_14_47_15-Greenshot_image_editor.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d73b490390b60c5331653479c7ec395a40674120efe6c20c9ce2708ba320bd1a
  5. Check the box under Active Directory Authentication
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875440/original/2021-07-28_14_48_03-Greenshot_image_editor.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=fd39ea4ed9720bb725993eb536f93ecaf575351c0ef5267762d6219c3ab0ad9e
  6. Click Test Configuration and make sure it returns Valid
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875441/original/2021-07-28_14_50_44-Greenshot_image_editor.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=04b5f33a09e99bd940db98273fd949c3b3335023e14fe6e09166a7ce3be22ad6
  7. Click Save and Next in the lower-right
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875442/original/2021-07-28_14_52_13-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b42776f1cc58a398b63750e75cce7b7e757156db50e743844bbf4fc59b26ce49
  8. Map the fields as shown below, the click Save and Next
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875443/original/2021-07-28_14_53_11-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=1b30d5e215f3ba2e885ad38168a5d075b7c4691efa3e81ece3a08ff05f289d2a
  9. Click User Management in the upper-right
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875444/original/blah.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=dc4e3d3c0d2a4fbf8642b66f00b9f647bed6c9d65877934cd73e4a48079dc7e5
  10. On the Users page, click Import fromAD
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009875445/original/2021-07-28_14_56_53-mRemoteNG_-_confCons.xml_-_ftkc-app.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T163722Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b01078a81b820f59dd1e3db7697a5a8f76bfcf16b633fe914473efbfa45b6a8b
  11. Import at least one User from Active Directory, and associate them to either the Application Administrator Role or Group
    Note: Any existing non-domain users will not be able to log in to Quin-C beyond this point
  12. Set the desired Authentication Method using the FTK Central Configuration Tool.
  13. Restart the AccessData Exterro Self Host Service service


Notes

  • Your FTK Central base URL may need to be added to the Local Intranet Zone on your users' machines in order to pass Integrated Windows Authentication credentials.
  • In some cases when using Integrated Windows Authentication, you may need to manually navigate directly to <FTKCentralBaseURL>/app/quinc2/home to bypass the login screen.