Skip to main content

Import of Users


Import of Accounts from LDAP

SafeUTM implements the possibility to import accounts from the Active Directory LDAP directory (hereinafter referred to as AD). Import is carried out by LDAP/LDAPS protocols (LDAPS protocol does not require additional settings from UTM and will be used automatically if needed on the domain controller).

AD user groups can be imported into specially created SafeUTM user groups. Any name can be used for them.

In order to import users from AD, you need to perform the following actions:

  1. Create a group in the SafeUTM user tree. Learn more about creating groups in the User & Group article.
  2. Select this group and go to the Active Directory tab on the right side of the screen.
  3. Select the domain to import users from (if SafeUTM is a member of several domains).
  4. In Group Type select LDAP/AD group.
  5. When you click on the LDAP group field, theĀ Active Directory user tree will open. In the tree, select the group to import (you can also select the root group to import the entire tree).
  6. When you click Save, user import will be carried out (it may take a few minutes).

    1. Import of Users.png

In the future, users will be synchronized with Active Directory automatically every 15 minutes.

If necessary, you can use the query filter. For example, if you have users and computers in the same containers, and you want to import only users, write the following text in the LDAP filter field:

(&(objectCategory=person)(objectClass=user))

It is possible to import different AD user groups to different SafeUTM groups for the convenience of assigning firewall rules, content filtering, app control, bandwidth limitation, and other modules to them.

You should not import subgroups of an already imported group, because they will automatically be imported together with the main group.


Importing Accounts from Security Groups

Active Directory users can only be imported into one SafeUTM group. Therefore, if it is in multiple Active Directory security groups, it will only appear in one of the UTM groups that were imported last.

You can import any number of AD security groups into different folders of the SafeUTM user tree.

  1. Create a group in the SafeUTM user tree.
  2. Select the group in the tree and go to the Active Directory tab.
  3. Select the intended domain in Domain Name.
  4. Select AD Security Group in Group Type.
  5. In the field below select the intended security group from the drop-down list.
  6. Click Save.

An example of configuring the import of users from security groups can be seen in the screenshot below:
2. Import of Users.png