MFA Guides

Active Directory Method

The Active Directory content area provides the functionality of enabling users to authenticate to a system using their Active Directory username and password. It also provides the ability for administrators to disable and enable Active Directory user accounts using the Edit User content area.

method_4.png

Depending on the features desired, administrators must enter an account that has read permissions to the forest root along with the permissions to change and reset passwords and change account control throughout the forest or the domains in which users’ passwords are managed.

An account in the domain admin group has both of these permissions. If the account password is changed within Active Directory, it will need to be updated in this screen to avoid potential errors.