Video tutorial : How to create Active Directory

Many organizations want to allow different levels of access to web sites for different groups of users. To do this, you must: Define the different groups of users on your authentication server. Add an HTTP proxy policy for each group of users. The policy includes WebBlocker configuration settings for that group. Add an HTTP proxy policy for non-authenticated users that automatically redirects them to the WatchGuard authentication page. Example scenario To show an example throughout this topic of how to set up this configuration, we use an educational setting that wants to define different levels of web access for two groups: Students (more restricted access) Teachers (less restricted access) Define groups on the authentication server First, you must set up user authentication. You can use any authentication method, such as Active Directory, local authentication, Radius, or LDAP. For information about the supported authentication methods, see Authentication server types. In the example described in the previous section, we assume that the school has configured their Firebox to use Active Directory for authentication. You must then define the user groups in the authentication server that correspond to the different WebBlocker policies you want to use. In this example, we define the groups Teachers and Students on the Active Directory server. Create an HTTP policy for the group you want to have the most restricted access In Policy Manager, click the plus (+) sign on the Policy Manager toolbar. Or select Edit > Add Policies. The Add Policies dialog box appears. Click the plus (+) sign on the left side of the folder to expand the Proxies folder. A list of proxies appears. Click the HTTP proxy. Click Add. The New Policy Properties dialog box appears.