AD Integration with Virtual Appliances

The integration of Microsoft Active Directory (AD) with Cisco Secure Access Virtual Appliances (VAs) provides AD user, group, or computer name information for each applicable DNS request. Secure Access VAs forward DNS requests at the site.

An AD site in the context of this guide means an independent location with its own domain controllers, DNS servers, and connection to the internet. For information about Secure Access Sites, see Manage Sites for AD Components and Manage Site for Virtual Appliance.

For an overview of the network topology, as well as the flow of traffic with the VA, see AD Connector Communication Flow and Troubleshooting.

Network Diagram for VA Deployments

The client computers at each AD site must be set to use the VA at their respective site as their DNS resolvers. The VA can then route DNS queries to their appropriate IP address for both internal and external resources. The VA also communicates with the AD environment to query for a list of user information to match to clients. 

How to Set Up AD Components with VAs

1. Review the requirements for setting up the AD components in your environment. For more information, see Prerequisites for AD Connectors and VAs.
2. Prepare your AD Environment. For more information, see Prepare Your AD Environment.
3. Install the AD Connectors. For more information, see Connect Active Directory to VAs.
4. View the installed AD components. For more information, see View AD Components.
5. View the provisioned AD users and groups in Secure Access. For more information, see View User Details and View Group Details.

Change the Connnector Account Password < AD Integration with Virtual Appliances > Prerequisites for AD Connectors and VAs