PRTG Logo

How to enable Active Directory authentication in PRTG in 4 steps

Free download
product overview

Active Directory authentication with PRTG: Step-by-Step Guide

Table of content

By default, PRTG uses its own internal user account database to authenticate users. For many PRTG customers, particularly those with smaller networks, this local authentication meets all their needs.

But for PRTG customers who have more complex environments and infrastructures or who want to reduce the number of authentication mechanisms in their networks, PRTG offers Active Directory (AD) integration as well.

This way, all members of the AD user groups that are mapped to user groups in PRTG during the integration can log in to PRTG with their AD domain credentials afterward.

Prepare your Active Directory for PRTG integration

Screenstho Folder Active Directory
Screenstho Folder Active Directory


In the AD, make sure that users who require the same access rights for PRTG are in the same AD user group.

In our example, the AD user group PRTG_ADM contains the two administrator user accounts that later have administrative rights in PRTG and that can also manage access rights and cluster setups and change the monitoring configuration of PRTG. The AD user group PRTG_RO contains the four user accounts that later have only read access rights in PRTG.

Bring your monitoring experience to the next level with PRTG

Get full visibility with real-time dashboards, alerts, and customizable sensors

Free download
PRODUCT OVERVIEW

Prepare your PRTG core server system

Make sure that the PRTG core server system is a member of the AD domain with which you want to integrate it. You can check and, if necessary, change this setting via the Windows Control Panel:

  1. Navigate to System.
  2. Go to section Computer name, domain, and workgroup settings.
  3. Check the settings Full computer name and Domain.

Add Active Directory domain details to PRTG

Screenshot PRTG Active Directory Integration
Screenshot PRTG Active Directory Integration

In the next step, you need to provide your local AD domain details in PRTG:
 

  1. Open the PRTG web interface and select Setup | System Administration |
    Core & Probes from the main menu.
  2. Go to section Active Directory Integration and enter your local AD domain name in the Domain Name field.
  3. Choose your preferred LDAP Connection Security
  4. Under Access Type, select Use explicit credentials to define the Windows service account that PRTG uses to authenticate against the AD.

    ? The service account must have the Read permissions, Read all properties, and List contents permissions for all your AD user groups.
  5. Under User Name, enter the service account name that PRTG uses to access the AD.
  6. Under Password, enter the respective password of the service account.
  7. Click Save.

PRTG makes monitoring as easy as it gets

Custom alerts and data visualization let you quickly identify and prevent all kinds of issues

Free download
PRODUCT OVERVIEW

Add new user groups in PRTG

Screenshot PRTG Add User Group
Screenshot PRTG Add User Group
  1. In the PRTG web interface, select Setup | System Administration | User Groups from the main menu.
  2. Hover over and select Add User Group.
  3. Provide a meaningful User Group Name.
  4. Under Administrative Rights, select Give user group members administrative rights.
  5. Under Active Directory or Single Sign-On Integration, select Use Active Directory integration.
  6. Under Active Directory Group, select the AD user group whose members later have access to PRTG. For our example, we chose the PRTG_ADM user group.
    For very large ADs, you see an input field instead of a dropdown list when you add or modify a user group. In this case, you can only enter the AD user group name. PRTG automatically adds the prefix.

Repeat these steps for the PRTG_RO user group to create a second group of users that have only read access rights for PRTG. In this case, leave the default setting under Administrative Rights.

Now, members of the defined AD groups can log in to PRTG with the respective access rights.

Screenshot PRTG device tree objects
Screenshot PRTG device tree objects

In the device tree, PRTG automatically creates new groups with the name [group_name] home for each of the integrated AD user groups.

Do not forget to set group access rights that apply to device tree objects as well as to libraries, maps, and reports. You can do so in an object’s settings in section Access Rights.

The easiest way is to set group access rights in the settings of the root group.

This how-to guide only scratches the surface?

Get more deep-dive information here!

Preview Video

In this video, you get a quick overview of PRTG

View more
Preview Knowledge Base

Active Directory is also discussed in our Knowledge Base

READ more
Preview Manual

Our Manual describes Active Directory Integration in detail

REad more
PRTG Logo

Start monitoring your IT infrastructure for free with PRTG and see how it can make your network more reliable and your job easier.

Free download
PRODUCT OVERVIEW