Question

How do I enable Active Directory authentication in FTK*, Lab, or Enterprise**, and create a "Trusted User"?

*FTK allows trusted users, but only for local machine accounts rather than domain accounts.

**Enterprise 6.5 and newer.  For previous versions, use the article Configure AD Enterprise for LDAP Authentication (6.3 and older).

 

Introduction

FTK allows users to create "Trusted User" accounts, which then utilize users' Windows or domain credentials to automatically log in to FTK, Lab and Enterprise.



Procedure

 

  1. Log into Lab as an Application Administrator
  2. Go to Tools > Set LDAP Authentication
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009877488/original/2017-10-19_13_40_59-mRemoteNG_-_confCons.xml_-_BEAST.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T171616Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=4d9b5fde07cc5d2215662a658df8e9aa63220fc8b909ccfc094110a98de51bf0
  3. Check the box "Enable LDAP Authentication"
  4. In the "Base LDAP URL with DN" field, enter your LDAP server and base DN as per the format shown in the example.
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009877490/original/2017-10-19_13_43_52-mRemoteNG_-_confCons.xml_-_BEAST.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T171616Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=fc41edc762524ec652f81a42929347275af18c3468f44fc3c91b13c6806705de
  5. Click "OK"
  6. Go to Database > Administer Users > Add User
  7. Click "Trusted User"
  8. Enter the domain username of the desired user
    https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/69009877491/original/2018-01-22_09_11_26-mRemoteNG_-_confCons.xml_-_BEAST.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAS6FNSMY2XLZULJPI%2F20210926%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210926T171616Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=15b475563129ca40bda3ee4dde862462c4b532f64d6c40eac6ccd6e52e5cdf08
  9. Click "OK" again
  10. Grant the user the desired Role and finish adding them

 

Notes

  • If a Domain User does not enable LDAP authentication before logging out or closing AD Lab, they may get locked out of AD Lab.
  • FTK also allows trusted users, but only for local machine accounts rather then domain accounts.
  • This will not work if there is an existing Lab non-LDAP user account with the desired Domain username.
  • You must be logged in to Windows using the desired LDAP user to run Lab.