Active Directory Integration with the Virtual Appliances

Active Directory (AD) integration supplements Umbrella virtual appliances (VAs) by providing AD user, group, or computer name information for each applicable DNS request.

Note: An AD "site” in the context of this document means an independent location with its own domain controllers, DNS server(s), and connection to the internet.

For an overview of how the network topology is expected to work, as well as the flow of traffic with the VA, see Communication Flow and Troubleshooting.

Network Diagram for VA Deployments

The client computers at each AD site must be set to use the VA at their respective site as their DNS resolvers. The VA can then route DNS queries to their appropriate IP address for both internal and external resources. The VA also communicates with the AD environment to query for a list of user information to match to clients. 

Provision Identities from Okta < Active Directory Integration with the Virtual Appliances > Prerequisites