The ability for a single installation of FileCloud to authenticate against multiple Active Directory servers is available in FileCloud Server version 7.0 and later.
Although the latest versions of the Windows Server operating system handle large numbers of objects more efficiently, there are many reasons why organizations implement multidomain forests.
An example of this is a university.
- In the Faculty of Science, there are different departments or schools, such as the school of physics and the department of botany
- For political or organizational reasons it might have been decided that each department or school should have its own domain that is a part of the overall university forest
- Active Directory gives organizations the ability to create domain namespaces that meet their needs
To display more information, click on a topic.
The reasons for using multidomain AD structures can include but are not limited to:
- Historical domain structure. Some organizations have retained the forest structure that was established when the organization first adopted Active Directory.
- Organizational or political reasons. Some organizations are conglomerates, and they might be comprised of separate companies that share a common administrative and management core.
- Security reasons Domains. Some organizations need to create authentication and authorization boundaries. You can also use domains to partition administrative privileges so that you can have one set of administrators who are able to manage computers and users in their own domain, but who are not able to manage computers and users in a separate domain. Although it’s possible to accomplish a similar goal by delegating privileges, many organizations prefer to use separate domains to accomplish this goal.
Enable multiple AD server authentication
To enable multiple AD server authentication, you have to configure settings in the following places:
- adconfig.php file
- Admin Dashboard
To enable multiple AD server authentication:
Open a browser and log in to the Admin Portal.
On the Admin Dashboard, from the left navigation panel, click Settings.
On the Manage Settings screen, click Authentication.
To enable the Active Directory Settings, under Authentication Settings, change the Authentication Type to ACTIVEDIRECTORY.
Select the Active Directory sub-tab, type in the required information, and then click Save.
Create a file called adconfig.php in one of the following locations, depending on your OS:
Add the information for the other AD servers using the following example. Do not add the same AD server detail that was already configured in Admin Dashboard.
Now additional users from these domains can also login into FileCloud.
When connecting to multiple AD servers, there might be issues adding the same user account name from different domains into FileCloud. FileCloud requires unique usernames and will disallow adding another username from another domain if the name already exists.
To handle this please add the following to cloudconfig.php. This will allow duplicate users to be added from other domains as long as the email address is unique. The users will have to login into the system using email address.