Multiple Windows Authentication Records
Click here to view navigation pane

Multiple Windows Authentication Records

You can configure as many Windows authentication records as you like. We'll always try to match each Windows host to one Windows record, if you have any. Once a match is found we'll use the matching record for authenticating to the host, and we'll stop looking for other possible matches.

Do you have multiple Windows records? The order used to match a host to a Windows record depends on a couple of things.

 

Record types evaluated in this order

1) Domain Authentication - Service-Selected IPs1) Domain Authentication - Service-Selected IPs

We'll look at domain records with service-selected IPs (records set to "Domain: NetBIOS, Service-Selected IPs) to see if the host is registered with a domain in one of those records. If a match is found, the credentials in the record are used for authentication.

2) Domain Authentication - User-Selected IPs2) Domain Authentication - User-Selected IPs

We'll look at domain records where users configure the target host IPs (records set to "Domain: NetBIOS, User-Selected IPs). In the case where the credentials in a service-selected IPs record were used for authentication to the host and authentication failed, we'll look to see if the host is included in a user-selected IPs record for local authentication only. If a match is found, the credentials in the record are used for authentication.

3) Local Authentication3) Local Authentication

We'll look at Windows records set to "Local" authentication to see if the host is included in one of those records. If a match is found, the credentials in the record are used for authentication.

4) Active Directory4) Active Directory

We'll look at Windows records set to "Active Directory" and attempt to authenticate to hosts found in the Fully Qualified Domain Name (FQDN) defined for each.

 

Administrator vs another account

First we'll attempt to match the host to a Windows record with an Administrator account in this order:

1) Records set to NetBIOS, Service-Selected IPs

2) Records set to NetBIOS, User-Selected IPs

3) Records set to Local

4) Records set to Active Directory

If we do match the host to a record with an Administrator account, we'll attempt to match the host to a record with another account, following the same order.