Barracuda Networks 4 Spezifikationen PDF herunterladen (Seite 57)

Administrator’s Guide

Integrating with a user authentication service 57

Communication between the LDAP domain controller servers and the Barracuda Web Filters in your

network enable the Barracuda Web Filter to transparently track user login activity in your LDAP

domains. This communication is managed by the following software components:

Domain controller audit policies—The local audit policies are configured so that the domain

controller audits user log-on and log-off activity and generates an account log-on event when a

domain user account is authenticated on this domain controller.

Barracuda DC Agent—The DC Agent is a Windows service that you install and configure on each

LDAP domain controller server that runs Windows Server 2003 with SP1. Configuration of the

service consists of specifying the Barracuda Web Filter devices with which the DC Agent is to

communicate. Each instance of this service maintains a record of all the users that have been

authenticated by the LDAP server.

The DC Agent service appears in the

Control Panel > Services window. You can manually stop and

start the DC Agent like all other Windows services. You should configure this service to start

automatically. The DC Agent service does not impact the performance of your domain controller.

Session Manager—This is the process that you enable and configure on each Barracuda Web Filter

that is to communicate with the DC Agent running on the domain controller. This process has the

capability to communicate with multiple DC Agents.

Note:

The Barracuda DC Agent software should not be installed on your NTLM domain controller.

Moreover, no additional authentication services can be configured in the Barracuda Web Filter system

if NTLM authentication is enabled.

The DC Agent performs the following functions:

• Enables the Barracuda Web Filter to track authenticated accounts in your LDAP directory.

• Keeps a record of all the users that have been authenticated by the domain controller, and then

provides this information to the Session Monitor on the Barracuda Web Filter. The Session

Monitor polls the DC Agent every 15 seconds to obtain the list of authenticated users. You can

change the polling frequency on the

USERS/GROUPS > Configuration page.

• All logging information for the DC Agent is stored in the

DCDebug.txt log, which is located

in the

C:\Program Files\Barracuda directory. The DC Agent creates a new log file daily

or when the size of existing log file exceeds 100 KB, whichever comes first. For example,

DCDebug.txt_2 is automatically created when the size of DCDebug.txt_1 reaches 100 KB or

passes the daily marker. Only the last ten log files are kept on the system. After the tenth log is

created, the first log file is overwritten with new data. For this reason, it is important to view the

time stamp on the log file to determine which file contains the latest data. Logging information

is also shown on the Logs tab of the Barracuda DC Agent management interface. To open this

interface, go to your domain controller and select

Start > Programs > Barracuda > DCAgent.

The following figure illustrates this process.

1 2 ... 52 53 54 55 56 57 58 59 60 61 62 ... 91 92

Kommentare zu diesen Handbüchern

Keine Kommentare

Barracuda Networks 4 Spezifikationen Seite 57

Kommentare zu diesen Handbüchern