Add Local Users to an Authentication Domain
Before you can use domain users and groups in a cloud-managed Firebox configuration or other WatchGuard Cloud service, you must add them to the authentication domain. The user names you add to a domain must match a user configured in your authentication domain database. User names are case-sensitive.
WARNING: If you change the configured users for an authentication domain, it could affect devices or services that use the authentication domain.
When you add users to the WatchGuard Cloud Directory in Directories and Domain Services, the users are automatically added to AuthPoint as well.
To manage users for an authentication domain, from WatchGuard Cloud:
- If you are a Service Provider, select the name of the managed subscriber account.
- Select Configure > Directories and Domain Services.
The Authentication Domains page opens.
- Click the domain name to edit.
The Update Authentication Domain page opens.
- In the Users tab, click Add User.
The Add User page appears.
You must specify a First Name and User Name. All other information is optional.
- For AuthPoint users, select whether this is an MFA user or a non-MFA user. MFA users are user accounts that will use AuthPoint to authenticate. Non-MFA users are users that will only ever authenticate with a password, such as a service account user. Non-MFA users do not consume an AuthPoint user license and cannot authenticate to resources that require MFA.
If you do not want AuthPoint to create a mobile token for this user account or send an email to the user to activate their mobile token, clear the Automatically assign a mobile token to the user and Automatically send the activation email for the user check boxes.
- Enter the user information. You must specify a First Name and User Name. All other information is optional.
- In the First Name text box, type the first name of the user.
- In the Last Name text box, type the last name of the user.
- In the User Name text box, type the user name.
- In the Email text box, type the email address of the user.
- If the authentication domain has groups, select the groups this user is a member of. AuthPoint users must belong to at least one group. To add a new group, click Add Group.
- Click Save.