Edit AD Authentication Properties
Once you add an Active Directory (AD) integration in Cisco Secure Access, you can edit the Authentication property for the AD users or endpoint devices in the organization.
Best Practices: Configuring the AD Authentication Properties
- After a configuration change to the Authentication property, Secure Access begins the update of the Authentication property for the AD users or endpoint devices in the AD directory integration.
  Note: Updates to the Authentication property for the AD users or endpoint devices may take up to one hour to complete.
- We do not recommend that the organization update the Authentication property for the AD directory integration frequently. If the organization configures a series of changes to the Authentication property before the first update has completed, an error may occur.
- After you update the Authentication property for the AD endpoint devices, you must restart the AD Connector to trigger a full synchronization of AD Users, Groups, and Endpoint Devices. For more information, see Restart the Active Directory Connector.
Prerequisites
- Full Admin user role. For more information, see Manage Accounts.
Procedure
Edit the Authentication property for the AD users or endpoint devices in the organization.
- Navigate to Connect > Users, Groups, and Endpoint Devices, and click Configuration management.
- Navigate to Configurations, and then navigate to Directories.
- Expand Active Directory.
- Click Edit (pencil icon) at the top of the Active Directory section on the page to edit the authentication properties for the directory integration.
- Navigate to Users Authentication, and then navigate to Authentication Property.
  a. Select the property that all AD users in the AD directory integration will use to authenticate with Secure Access.
     - User Principal Name—The user principal name of the AD user.
     - Email—The email address of the AD user.
     - SAM Account Name—The SAM account name for the AD user.
- Navigate to Endpoint Devices Authentication, and then navigate to Authentication Property.
  a. Select the property that all AD endpoint devices in the AD directory integration will use to authenticate with Secure Access, or select Not Required.
     - Common Name—The common name (CN) is the unique name of the AD endpoint device within its organizational unit (OU).
     - Distinguished Name—The name of the AD device that is unique in the organization.
     - Hostname—The hostname of the AD endpoint device.
- Click Save.
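
Because an update can take up to one hour and frequent changes are discouraged, it helps to audit the candidate user properties before selecting one. The following is an added example, not part of the Cisco documentation: it reports how many accounts have an empty or shared value for each candidate property. It assumes the three choices correspond to the standard AD attributes `userPrincipalName`, `mail`, and `sAMAccountName`; the function name `Get-AuthPropertyCoverage` and the sample accounts are constructed for illustration.

```powershell
# Added example: audit candidate Authentication Property values before changing the setting.
# Assumption: the three UI choices map to these standard AD user attributes.
$candidates = [ordered]@{
    'User Principal Name' = 'UserPrincipalName'
    'Email'               = 'mail'
    'SAM Account Name'    = 'SamAccountName'
}

function Get-AuthPropertyCoverage {
    param(
        [Parameter(Mandatory)] [object[]] $Users,
        [Parameter(Mandatory)] [System.Collections.IDictionary] $Candidates
    )
    foreach ($label in $Candidates.Keys) {
        $attr    = $Candidates[$label]
        $missing = @($Users | Where-Object { [string]::IsNullOrWhiteSpace($_.$attr) })
        $filled  = @($Users | Where-Object { -not [string]::IsNullOrWhiteSpace($_.$attr) })
        # Compare case-insensitively and ignore surrounding whitespace.
        $groups  = @($filled |
            Group-Object -Property { ([string]$_.$attr).Trim().ToLowerInvariant() } |
            Where-Object Count -gt 1)
        $dupCount = 0
        foreach ($g in $groups) { $dupCount += $g.Count }
        [pscustomobject]@{
            Property       = $label
            Attribute      = $attr
            Total          = $Users.Count
            Missing        = $missing.Count
            SharedValue    = $dupCount
            MissingAccount = (($missing | ForEach-Object { $_.SamAccountName }) -join ', ')
        }
    }
}

# Constructed sample accounts (not real data): one has no mail, two share a mailbox address.
$sampleUsers = @(
    [pscustomobject]@{ SamAccountName = 'asmith';     UserPrincipalName = 'asmith@corp.example';     mail = 'alice.smith@corp.example' }
    [pscustomobject]@{ SamAccountName = 'bjones';     UserPrincipalName = 'bjones@corp.example';     mail = $null }
    [pscustomobject]@{ SamAccountName = 'svc-backup'; UserPrincipalName = 'svc-backup@corp.example'; mail = 'it-ops@corp.example' }
    [pscustomobject]@{ SamAccountName = 'svc-print';  UserPrincipalName = 'svc-print@corp.example';  mail = 'IT-Ops@corp.example' }
)
Get-AuthPropertyCoverage -Users $sampleUsers -Candidates $candidates | Format-Table -AutoSize

# Against a live directory (requires the ActiveDirectory module):
# $users = Get-ADUser -Filter 'Enabled -eq $true' -Properties mail
# Get-AuthPropertyCoverage -Users $users -Candidates $candidates
```

A non-zero Missing or SharedValue count for a property identifies accounts to review before that property is selected.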