Before you can select domain users and groups in a cloud-managed Firebox configuration, you must add them to the authentication domain.
There are two ways to add users and groups to an authentication domain:
- Sync users and groups from an external user database
- Add local users and groups
If you change the configured users and groups for an authentication domain, it could aﬀect devices or services that use the authentication domain.
Sync Users and Groups from an External User Database
To sync users and groups from Active Directory or an LDAP database to your WatchGuard Cloud authentication domain, you must enable and configure directory synchronization. When you configure directory sync, WatchGuard Cloud connects to your external user database and all of your users and groups are added to your authentication domain at one time.
To use the directory sync feature, WatchGuard Endpoint Security or the WatchGuard Cloud agent must be installed on your corporate network in a location that has Internet access and that can connect to your LDAP server. The agent enables communication between WatchGuard Cloud and your Active Directory or LDAP database. You specify the computer to use to sync users and groups from your authentication domain to WatchGuard Cloud when you configure directory sync.
To learn how to sync users and groups, see .Sync Users and Groups from Active Directory or LDAP.
Add Local Users and Groups
You can add local users and groups to your authentication domain in WatchGuard Cloud. Because you can create only one user at a time, you most commonly do this when you want to create test users or to add only a small number of users.