6.8. Authentication agent for Windows

The system also offers a special authentication agent, another identification method for users who work in the Windows operating system in an Active Directory environment. The agent is a convenient service that transfers information about users, such as their usernames and IP addresses, to the UserGate server so that all network connections are properly identified, eliminating the need for additional identification methods. To set up user identification with the authentication agent, perform the following steps:

Name

Description

Step 1. Allow the Authorization agent service in the required zone.

Go to Network-->Zones, edit the access control parameters for the zone where users reside and allow the Authorization agent service in this zone.

Step 2. Set up a password for terminal server agents.

In the UserGate console, go to the Users and devices-->Terminal servers section, click Configure and then specify the password for terminal server agents.

Step 3. Install the authentication agent.

Using an Active Directory Group Policy, install the authentication agent on all PCs where you are going to identify users. The authentication agent is supplied with an administrative template for convenient deployment through Active Directory policies. Using this template, administrators can deploy a valid pre-configured agent to a large number of user workstations at once. The template lets you specify the IP address and port of the UserGate server and the password that you set in the previous step. For more details on how to deploy software using Active Directory policies, refer to the Microsoft documentation.

Alternatively, install the authentication agent manually and provide the required settings under the following registry key:

[HKEY_CURRENT_USER\Software\Policies\Entensys\Auth Client]
"ServerIP"=""
"ServerPort"="1813"
"SharedKey"=""

Now UserGate is able to receive information about users. If you have set up an Active Directory connector, all user names from Active Directory will be available in the system. Alternatively, if the list of users is missing in UserGate, you can use Known users and Unknown users in UserGate rules.
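
After a manual installation, the three registry values can be checked before relying on the agent. The following PowerShell is an added example, not part of the UserGate documentation or product. The function names Get-AuthAgentSettings and Test-AuthAgentSettings are hypothetical, and the validation rules (parseable IP address, port between 1 and 65535, non-empty shared key) are assumptions rather than documented requirements.

```powershell
# Added example, not UserGate code. Function names are hypothetical.
$KeyPath = 'HKCU:\Software\Policies\Entensys\Auth Client'   # key path as given on this page

function Get-AuthAgentSettings {
    # Read the three values from the current user's hive; absent values become $null.
    $props = Get-ItemProperty -Path $KeyPath -ErrorAction SilentlyContinue
    $settings = @{}
    foreach ($name in 'ServerIP', 'ServerPort', 'SharedKey') {
        if ($props) { $settings[$name] = $props.$name } else { $settings[$name] = $null }
    }
    return $settings
}

function Test-AuthAgentSettings {
    param([Parameter(Mandatory)][hashtable]$Settings)
    $problems = @()

    # ServerIP must parse as an IP address (assumed rule).
    $ip = $null
    if (-not ([System.Net.IPAddress]::TryParse([string]$Settings['ServerIP'], [ref]$ip))) {
        $problems += 'ServerIP is empty or not a valid IP address'
    }

    # ServerPort is stored as a string; it must be a number in the TCP/UDP port range.
    $port = 0
    $isNumber = [int]::TryParse([string]$Settings['ServerPort'], [ref]$port)
    if ((-not $isNumber) -or ($port -lt 1) -or ($port -gt 65535)) {
        $problems += 'ServerPort is missing or outside 1-65535'
    }

    # Only test for presence; the shared key itself is never written to output.
    if ([string]::IsNullOrWhiteSpace([string]$Settings['SharedKey'])) {
        $problems += 'SharedKey is empty'
    }

    return ,$problems
}

# Constructed sample input: ServerIP left blank, as in the registry template above.
$sample = @{ ServerIP = ''; ServerPort = '1813'; SharedKey = 'constructed-placeholder' }
$result = Test-AuthAgentSettings -Settings $sample
if ($result.Count -eq 0) { 'Agent settings look complete.' } else { $result }

# On a workstation, validate the live registry values instead:
# Test-AuthAgentSettings -Settings (Get-AuthAgentSettings)
```

Because the key is under HKEY_CURRENT_USER, run the live check in the session of the user whose agent is being configured.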