Enable Windows Authentication with Active Directory in the Orion Platform
This topic applies to all Orion Platform products.
The Orion Web Console can authenticate Active Directory users and users who are members of Active Directory security groups by using MSAPI or LDAP. By default, Windows individual or group accounts use MSAPI to authenticate accounts.
You can only use one authentication protocol at a time. All Windows accounts are authenticated through MSAPI or LDAP, depending on which one is enabled.
SolarWinds offers a free analyzer tool for Active Directory that provides instantaneous visibility into effective permissions and access rights. The tool provides a complete hierarchical view of the effective permissions access rights for a specific file folder (NTSF) or share drive. Download it for free from here: http://www.solarwinds.com/products/freetools/permissions_analyzer_for_active_directory/.
Authenticate users through MSAPI
- Create a user account based on existing Active Directory or local domain account.
- Enable the Orion Web Console to use automatic Windows Authentication.
- Start the Configuration wizard in the SolarWinds Orion program folder.
- Confirm the Database screens with Next. No changes are necessary there.
- On Website Settings, provide the appropriate IP Address, Port, and Website Root Directory, and select Yes - Enable Automatic Login Using Windows Authentication.
- Click Next, and complete the Configuration wizard.
- Log in to the Orion Web Console using the appropriate domain and user, providing
Username@Domainas the User Name.
- Run the Configuration wizard and enable Windows authentication.
- Login to the Orion Web Console, and navigate to Settings > All Settings. In Web Console Settings, select Enable automatic login in the Windows Account Login drop-down.