Server Connection

To make sure that your Firebox can connect to your Active Directory or LDAP server and successfully authenticate your users, you can test the connection to your authentication server from Fireware Web UI. This is helpful both when you set up a new Firebox and when you reconfigure your current device or authentication server. You can also use this feature to determine the authentication status of a particular user in your authentication server database, and to get authentication group information for that user.

To test the connection to your authentication server, you only need to select the authentication server to test. To find the authentication status for a user and get user group information for that user, you must also select the authentication server, but the other information you must provide depends on how you have configured your authentication server. If you specified the Searching User name and password in your authentication server settings, you can provide less information on the Server Connection page and still get both the user authentication status and user group information in the test results.

For more information about how to specify the Searching User credentials for your Active Directory or LDAP server, go to Configure Active Directory Authentication and Configure LDAP Authentication.

When you specify the Searching User credentials for your authentication server, you can choose whether to specify only the username or to also specify the password. If you do not specify the password for the Searching User, the Server Connection page Results section only includes the authentication status and group information if you specify both the correct User Name and the correct Password in the Authentication Server Connection section.

This table shows the results you see based on the Searching User credentials you set and the user name and password details that you provide.

| Searching User Credentials | User Name | Password | Result |
|---|---|---|---|
| User name & password | None | None | Authentication status not verified, group information not retrieved |
| User name & password | Yes | None | Authentication status not verified, group information retrieved |
| User name & password | Yes | Incorrect | Authentication status verified, group information retrieved |
| User name & password | Yes | Yes | Authentication status verified, group information retrieved |
| None | None | None | Authentication status not verified, group information not retrieved |
| None | Yes | None | Authentication status not verified, group information not retrieved |
| None | Yes | Incorrect | Authentication status not verified, group information not retrieved |
| None | Yes | Yes | Authentication status verified, group information retrieved |

Test the Server Connection

You can test the connection to your authentication server from the Authentication Servers page for your Active Directory or LDAP server, or you can navigate directly to the Server Connection page in Fireware Web UI. When you test the connection, the results you receive depend on the parameters you specified. This can include the connection status of the server, the authentication status of the user you specified, and any group membership information for that user.

For instructions to navigate to the Server Connection page from the Authentication Servers page, go to the appropriate topic for your server:

To navigate directly to the Server Connection page, from Fireware Web UI:

  1. Log in to Fireware Web UI as admin or any other user account that has Device Administrator privileges.
  2. Select System Status > Server Connection.
    The Authentication Server Connection page appears.

Screen shot of the Authentication Server Connection page

  3. From the Authentication Server drop-down list, select the server to test.
  4. In the Username text box, type the name of a user account in your authentication server database.
  5. In the Password text box, type the password of the user you specified.
  6. Click Test Connection.
    The Firebox contacts the server you selected and returns results of the connection test in the Results list.

Read the Server Connection Results

The details that appear in the Results list depend on the connection status of your server, the authentication status of the user account you specified, and the user credentials you specified. Results include:

| Detail | Result | Description |
|---|---|---|
| Connect to server | OK (Connected to <server address>) | The connection test was successful and the device is connected to the specified server. |
| Connect to server | Failed (Failed to connect to <server address>) | The connection test was not successful and the device is not connected to the specified server. |
| Log in (bind) | OK (<user@server domain> authenticated) | The specified user was found in the server database and is currently authenticated to the specified server. |
| Log in (bind) | Failed (User <user@server domain> not authenticated [<details of reason authentication failed>]) | The specified user was not found in the server database and is not currently authenticated to the specified server. Details of the reason for the failure are also included. |
| Log in (bind) | Failed (Unknown) | If the device could not connect to the specified server and determine whether the specified user is authenticated, the connection test is not successful, and the Log in (bind) result is Failed (Unknown). |
| Get group membership | List of groups | If the Log in (bind) result is OK, the specified user is in the server database, and the Results list includes all the groups of which the specified user is a member. |
| Get group membership | Empty | If the Log in (bind) result is Failed or Unknown, the specified user was not found in the server database and no group membership details are sent to the device. |

Related Topics

Configure Active Directory Authentication

Configure LDAP Authentication

About Third-Party Authentication Servers