Web Development

Active Directory User authentication with the Untangle appliance

The ability to bring low cost solutions with high functionality is priority one for most SOHO's. Untangle offers Active Directory authentication for the remote portal at an incredible price.

The ability to bring low-cost solutions with high functionality is priority one for most SOHOs. Untangle offers Active Directory authentication for the remote portal at an incredible price.


In last week's network blog, I mentioned the Untangle appliance for gateway connectivity. One feature that can really take the open source tools to the next level is their ability to plug in to something like Active Directory for authentication and remote access policies. This feature, called the Active Directory (AD) Connector, really empowers the small office to bring some granular manageability into the Internet gateway without a large investment. The AD Connector is priced very reasonably at $15 monthly for up to 50 users. The full chart of pricing options in tiers per user volume is outlined on the Untangle Web site. With the AD Connector enabled, a gateway is configured to pull the users from the AD domain and populate them in the local user store. Figure A shows usernames retrieved from the RWVDEV.INTRA domain: Figure A Figure AFrom within the Untangle appliance, the remote portal configuration allows specified Web URL shortcuts, file path shortcuts, and remote desktop connection links to devices on the internal network. The portal can be configured for all users or customized for particular users relevant to their security context. Figure B shows a Web portal configured for one user: Figure B

Once you are logged in to the portal, the selected shortcuts can be launched from the client's browser using their AD credentials. Within the portal, it is important to note that the sessions will not be a native application. For example, the Remote Desktop session is actually a ProperJavaRDP open source Java client. Regardless, the functionality in the portal is robust and quite intuitive to configure. For the Windows administrator out there, the users are pulled from all organizational units within the Active Directory domain, but Untangle can connect only one domain per appliance.

More information can be found about the AD Connector online at the Untangle wiki site.

About

Rick Vanover is a software strategy specialist for Veeam Software, based in Columbus, Ohio. Rick has years of IT experience and focuses on virtualization, Windows-based server administration, and system hardware.

9 comments
onephatcat
onephatcat

We were using the free version of Untangle as our firewall, and planning to purchase the full license as we were starting to like some of its features, ease of configuration etc. In the middle of the night a few weeks ago there was an automatic update that radically altered the whole way Untangle worked, and screwed up some of our configurations causing a loss of connectivity to our mail server. The new UI was a nightmare that we had difficulty figuring out. We purchased a support license for 1 month to try to work out the issue, but Untangle support essentially said that the configuration we were using wouldn't really work. We switched to PF and set the Untangle server to just be our VPN server. We were certain we had disabled automatic updates, but another update happened - this time the network settings reverted to the previous settings, again taking our mail server offline... The really bad thing here is Untangle releasing a major software upgrade with significant functionality changes, major revisions in configuration process and insensitivity to existing configuration as an automatic update without warning users.

smorrow
smorrow

This is defnitely a great feature, and probably should have a cost associated to it. But, a monthly fee? Per user?

gabrielfront
gabrielfront

Hi. Try to consider the whole pack of features. You have 14 security services at no charge. The AD connection functionality comes with live support and other additional benefits in the propack as the site says. Looking to a SAS perspective I see no harm. Gabriel

b4real
b4real

I am convinced this is among the more reasonable pricing features for this type of functionality.

tmcclaskey
tmcclaskey

$15 monthly for up to fifty AD users. Also has link to complete pricing. Or goto www.untangle.com and find it!

smorrow
smorrow

Like I originally said, I would have no issues paying for this feature. I just don't see it as worthy of a monthly fee I guess. I understand Untagle needs to generate some revenue from this project. I would be much more likely to purchase this feature if it were a one time cost though. Typically you're looking at projects like this to keep the costs down compared to a more commercial alternatives.

smorrow
smorrow

Umm... yeah I know. That was sort of my point. But thanks anyway.

Dumphrey
Dumphrey

set up 50 exchange accounts, this is like buying a gumball... But I agree a one time fee option would be more comfortable to many people. Also, AD integration with your firewall/proxy is not a feature every company/user is going to need or want.

calvink77
calvink77

Totally agree with smorrow, would actually use it, if its a once off fee compare to a monthly fee.

Editor's Picks