Supported Active Directory Environments
ESET Secure Authentication On-Prem (ESA) supports single and multiple domain Active Directory environments. The differences between these environments and their installation requirements are detailed below.
Single Domain, Single Forest
The most straightforward configuration and the installer may be run as any Domain Admin. ESET Secure Authentication On-Prem is available to all users within the domain.
Multiple Domain, Single Forest
In this deployment, a parent domain such as example.corp has multiple sub-domains such as branch1.example.corp and branch2.example.corp. ESET Secure Authentication On-Prem may be deployed on any of the forest domains, but there is no cross-communication between the installations. There is no sharing of credentials across child and parent domains.
To install ESET Secure Authentication On-Prem on a sub-domain, the installer must be launched as a Domain Admin user from the top-level domain.
For example, using the example domains defined previously:
To install ESET Secure Authentication On-Prem on server01.branch1.example.corp, log on to server01 as the example.corp\Administrator user (or any other Admin from example.corp). After installation, ESET Secure Authentication On-Prem will be available to any user within the branch1.example.corp domain.
Multiple Domain, Multiple Forest
This is identical to the previous environment. ESET Secure Authentication On-Prem installations in separate domains are not aware of each other.
Benefits of installing ESA in Active Directory Integration mode
If you install the authentication server in Active Directory Integration mode:
•Users of the same domain are automatically visible in ESA Web Console
•ESA components within the same domain register automatically (no invitation needed)
Users and components form other domains You can add users from other domains manually or import them using self-enrollment or synchronization with LDAP. To add components from other domains, use invitations. |