The Active Directory (AD) integration consists of two components that must reside in your network at each independent AD site.
- The Virtual Appliance (VA ):
- Runs in a virtualized server environment
- Forwards local DNS queries to your existing DNS servers and
- Forwards external DNS queries with non-sensitive metadata to the Umbrella global network.
- Runs in your Active Directory environment
- Securely communicates non-sensitive user and computer login info to the Virtual Appliances
- Securely communicates non-sensitive user and computer group info to the Umbrella global network.
Depending on where you are in your planning or deployment, the appendix can help plan your deployment.
- Step 1: Setup DNS Forwarding via Virtual Appliances
- Step 2: Prepare your Active Directory Environment
- Step 3: Connect Active Directory to Umbrella
- Step 4: Configure Policy via Dashboard
- Step 5: Route DNS Traffic Thru the Virtual Appliances
- Multiple AD Sites
- Appendix A: Prepare a Separate non-AD Server to Install the Connector
- Appendix B: Configuring AD Servers on Windows Server 2003 R2
The client computers at each Active Directory site must be set to use the Virtual Appliance at their respective site as their DNS resolvers. The Virtual Appliance can then route DNS queries to their appropriate IP address for both internal and external resources.
The Virtual Appliance also communicates with the AD environment to query for a list of user information to match to clients.
This diagram outlines each component of the integration:
This guide explains how to install each of these components and verify that they are working properly before you deploy them.