UEM deployment guide for Active Directory
Active Directory (AD) is Microsoft's proprietary directory service developed for Windows domain networks. Though it was initially created as a platform for centralized domain management, it soon grew to incorporate a broad range of directory-based identity services. AD provides a database and a set of services that enable administrators to manage and control access to the resources on the corporate network. The directory database hosts the network information and permissions of users and computers in the corporate environment. The service part handles the authentication and authorization required for the interaction of the user with the domain. It is, therefore, the identity service part of AD.
AD comprises several different services; AD Domain Service (AD DS) is one of the core services offered by Microsoft for Windows domain networks. AD DS controls most of the activity that goes on in your IT environment. It provides a primary mechanism for authenticating users or computers and authorizing their access to network resources. The AD DS is also responsible for assigning and enforcing security policies for all network computers and installing or updating the software. It also establishes a framework to deploy other services such as SSO, security certificates, LDAP and access rights management.
With recent trends such as CYOD, COPE and BYOD, organizations worldwide are juggling devices. IT managers are forced to let in dozens of new devices each day that their employees use for work. Deploying and administering these devices with conventional, primitive identity management tools is inefficient, which calls for a robust tool that can manage resources as well as ensure corporate security: Unified Endpoint Management. Hexnode, one of the top players in the UEM niche, offers a comprehensive set of device, user, app, network and content management capabilities. Furthermore, Hexnode does not fall short on security; the UEM’s infrastructure is carefully designed to eliminate all vulnerabilities and potential security weak points. Hexnode makes it easier for organizations to deploy work-critical endpoints, manage assets, keep the workforce in check and deliver vital resources without fail. The multi-OS platform support, flexible policies, and user, asset and identity management features further help the UEM deliver quality services to businesses across verticals.
Hexnode, a Unified Endpoint Management solution, when integrated with Active Directory, an identity and access management platform, offers a fully-fledged and resilient management solution with the potential to tackle all endpoint management needs of the organization. AD DS acts as the domain and identity management service that holds all the directory information and takes care of all the interaction between the user and the corporate domain. Hexnode provides several policies that control and secure the working environment and the objects in it, like users and groups. AD, in turn, acts as the central source of authentication and access delegation.
When Hexnode acts as the central endpoint management platform, AD aids Hexnode in consolidating all the corporate resources. With the integration, organizations no longer have to repeat in Hexnode the process of adding the corporate resources that already exist in AD. The integration binds the AD directory with Hexnode so that all the users and user groups in the AD domain get synced with Hexnode, thereby relieving the IT admins of this tedious task. It also allows you to manage user permissions and authentication in AD by defining the network and resource access through group policies. The devices enrolled in Hexnode are assigned to the AD synced users, and the device-specific operations are pushed to the users’ devices through the UEM.
Hexnode utilizes the AD’s identity and access management abilities for end-user authentication and web-console access for the IT admins through OAuth. You can integrate multiple AD domains with a single Hexnode console. The integration can be set up by installing the Hexnode AD agent app on your Windows machine. This agent bridges communication between the UEM and the directory, thereby facilitating easy management.
How to Integrate?
To integrate AD with Hexnode,
- Login to your Hexnode console, click on Admin > Active Directory. This opens up the Agent Settings page when you first configure an Active Directory. First, click on the Download link to download and install the AD Agent on your server. Next, click on the second Download link to download the configuration file.
- Launch the Hexnode MDM_AD Setup Wizard. Click on Next to continue or Cancel to exit setup.
- Select the destination folder. By default, the setup wizard will install the Hexnode MDM_AD in the folder C:\HexnodeMDM_AD.
- Select the configuration file downloaded in step 2. Click on Next.
- Once you have uploaded the configuration file successfully, the setup will begin installing Hexnode MDM_AD on your computer. Click on Install.
- Click on Finish to exit setup.
- On the Hexnode console, click on Check agent status to know whether the agent is connected or not. Now, click on ‘Configure AD’ to configure Active Directory Settings.
- Centralized Management
IT admins can leverage the privileges of the integration to achieve a centralized endpoint, user and rights management. Adopting the group policy feature in AD also allows you to attain centralized control over the devices and user configurations.
- Enhanced Security
Hexnode’s security management features, when supplemented with AD’s group policy configurations, help to amplify the network and resource protection.
- Single Sign-On
Not all users in the organizational framework are allowed to access all the resources. Therefore, to streamline the access, AD uses authorization frameworks. When a user tries to log in either via AD or Hexnode, AD cross-references their user ID and password and allows access to the authorized data.
- Automated updates
To fully benefit from this collaboration, you require frequent communication with the AD domain. For instance, any updates or additions made in the domain might render the initial data synced to Hexnode useless. Therefore, synchronization should be a systematic process, rather than a one-time action. With Hexnode, you can manually or automatically initiate sync actions so that any changes made to AD are reflected in Hexnode.
- Database synchronization
The integration bypasses the hurdle of setting everything up from scratch by syncing the already set up organizational directory resources with Hexnode. Even if your organization has multiple AD domains, they can all be managed using a single Hexnode web management portal.
- Identity Management
With the integration, AD acts as the identity management server that validates the users’ authenticity and authorizations, while Hexnode provides endpoint management features.
- Effortless device deployment
Devices can be enrolled in Hexnode irrespective of their geolocation. Hence, the authenticity of the user and the security of the device must be verified prior to enrollment. Hexnode addresses this by enabling the users to validate their identity by signing in with their corporate credentials. If AD is synced, users can enter their AD username and password to enroll their devices. This ensures a safe, reliable and swift enrollment.
- Enhanced targeting options
Any recurring managerial actions can be deployed to the end-users’ devices via the policies in Hexnode. These policies are highly robust and offer flexible targeting options. The AD synced users, groups, and domains can be chosen as a policy target, supplementing easy user management.
- Technician SSO
Hexnode offers a number of methods for the technicians to log into the webserver. If the technician is housed inside an AD domain, they can log in via their AD account. AD validates the user credentials and returns a result to Hexnode; the user is granted access to the server based on this result.
Hexnode offers its services across five different pricing plans: Express, Pro, Enterprise, Ultimate and Ultra. This broad range of licensing lets Hexnode serve customers whose device management demands range from minimal to large-scale.
To use the Active Directory integration feature, you will have to purchase the Hexnode Enterprise license or above. For multi-domain integration, you need at least an Ultimate license.