Supported Active Directory Environments

ESET Secure Authentication (ESA) supports single and multiple domain Active Directory environments. The differences between these environments and their installation requirements are detailed below.

Single Domain, Single Forest

The most straightforward configuration and the installer may be run as any Domain Admin. ESET Secure Authentication is available to all users within the domain.

Multiple Domain, Single Forest

In this deployment, a parent domain such as example.corp has multiple sub-domains such as branch1.example.corp and branch2.example.corp. ESET Secure Authentication may be deployed on any of the forest domains, but there is no cross-communication between the installations. There is no sharing of credentials across child and parent domains.

To install ESET Secure Authentication on a sub-domain, the installer must be launched as a Domain Admin user from the top-level domain.

For example, using the example domains defined previously:

To install ESET Secure Authentication on server01.branch1.example.corp, log on to server01 as the example.corp\Administrator user (or any other Admin from example.corp). After installation, ESET Secure Authentication will be available to any user within the branch1.example.corp domain.

Multiple Domain, Multiple Forest

This is identical to the previous environment. ESET Secure Authentication installations in separate domains are not aware of each other.

Benefits of installing ESA in Active Directory Integration mode

If you install the authentication server in Active Directory Integration mode:

Users of the same domain are automatically visible in ESA Web Console

ESA components within the same domain register automatically (no invitation needed)


note

Users and components form other domains

You can add users from other domains manually or import them using self-enrollment or synchronization with LDAP.

To add components from other domains, use invitations.