- This article describes the steps to integrate Sophos Firewall with Active Directory (AD) for user authentication and access control.
Determining NetBIOS, Domain Name and Search Queries
- From Active Directory, go to Start > Administrative Tools > Active Directory Users and Computers. Right-click the required domain and go to the Properties tab.
- Search Queries are based on the domain name (DN). In this example, the domain name is sophos.com, so the search query is: dc=sophos, dc=com
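The mapping from domain name to search query described above, as an added example that is not part of the original article or of Sophos tooling: it derives the Base DN from a DNS domain name and checks that a group DN sits under that Base DN, tolerating the space after the comma used in this article. The function names and the sample group DNs are assumptions constructed for illustration.

```python
import re

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def domain_to_base_dn(domain: str) -> str:
    """Turn an AD DNS domain name (sophos.com) into its Base DN (dc=sophos,dc=com)."""
    labels = domain.strip().rstrip(".").split(".")
    if not all(_LABEL.fullmatch(label) for label in labels):
        raise ValueError(f"not a valid DNS domain name: {domain!r}")
    return ",".join(f"dc={label.lower()}" for label in labels)


def split_dn(dn: str) -> list[tuple[str, str]]:
    """Split a DN into lower-cased (attribute, value) pairs.

    Simplified: splits on commas not preceded by a backslash and does not
    handle multi-valued RDNs (attr=a+attr=b).
    """
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN {rdn!r} in DN {dn!r}")
        pairs.append((attr.strip().lower(), value.strip().lower()))
    return pairs


def is_under_base(entry_dn: str, base_dn: str) -> bool:
    """True if entry_dn is the Base DN itself or lies below it in the tree."""
    entry, base = split_dn(entry_dn), split_dn(base_dn)
    return len(entry) >= len(base) and entry[-len(base):] == base


if __name__ == "__main__":
    base = domain_to_base_dn("sophos.com")
    print("Base DN:", base)
    # Constructed sample DNs, not taken from a real directory.
    for group in (
        "CN=Sales,OU=Groups,DC=sophos,DC=com",
        "CN=Sales,OU=Groups,DC=example,DC=com",
    ):
        print(group, "->", "in scope" if is_under_base(group, base) else "out of scope")
```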
Adding AD to Sophos Firewall
- Log in to the Sophos XG Firewall Web Admin at https://<your firewall IP>:4444
- Username (default): admin.
- Password (default): admin (you can change the password).
- Go to Authentication > Servers and click Add to configure the Active Directory.
- Fill in the Active Directory parameters in the fields (use your own AD parameters; the values here are only an example).
Setting AD as the primary authentication method
- Go to Authentication > Services, under Firewall Authentication Methods, select the recently added AD server as the primary authentication server.
- Local server is selected as primary by default. Make sure that the recently added AD server is the first in the Selected Authentication Server list.
Importing AD groups
- Go to Authentication > Servers and click on the icon to launch the wizard.
- Enter the Base DN. In this example the Base DN is: dc=sophos, dc=com (enter your own Base DN).
- Select the OUs and groups to be imported in Sophos Firewall.
- Optionally, select common policies to attach to the selected groups.
- Review the settings.
- The wizard imports the selected groups into Sophos Firewall and adds them to the bottom of the groups list.