Subsections of Toolset for content creators

Draft of: FAQ article

Brief description of the product or feature that the article pertains to, perhaps including images or an overview video.

Table of contents: Anchor links to each question that is answered within the FAQ. (TOC created manually or with help of extensions like https://marketplace.visualstudio.com/items?itemName=yzhang.markdown-all-in-one )

  1. Split tunner and full tunnel support
    1. Can I use two full tunnel profiles on Acdroid version of Acreto connect client?
    2. Can I use two split-tunnel profiles on the Windows version of Acreto Connect Client?
  2. Split tunner and full tunnel support 2
    1. Can I use two full tunnel profiles on Android version of Acreto connect client 2?
    2. Can I use two split-tunnel profiles on the Windows version of Acreto Connect Client 2?

Split tunnel and full tunnel support

Q: Can I use two split-tunnel profiles on the Android version of Acreto Connect Client?

Answer: No, Android supports only one connection at a time.

Q: Can I use two split-tunnel profiles on the Windows version of Acreto Connect Client?

Answer: Yes, Windows supports the multi-split tunnels option. No additional action is required, just add two split-tunnel profiles to Acreto Connect Client and establish connections.

Split tunnel and full tunnel support 2

Q: Can I use two split-tunnel profiles on the Android version of Acreto Connect Client? 2

Answer: No, Android supports only one connection at a time.

Can I use two split-tunnel profiles on the Windows version of Acreto Connect Client? 2

Answer: Yes, Windows supports the multi-split tunnels option. No additional action is required, just add two split-tunnel profiles to Acreto Connect Client and establish connections.

Further reading

Links to related articles, such as how-tos or troubleshooting related to the product

Draft of: FAQ article

Draft of: How to article

Before You Start

Overview

In this article, you’ll learn how to integrate your Azure Active Directory with an Acreto Ecosystem. This process involves the following steps:

  1. Configuration of Azure AD
  2. Configuration of Acreto Ecosystem
  3. Providing an Onboarding Portal link to users
Warning

This feature is currently in beta mode.

Prerequisities

In order to integrate Acreto with Azure Active Directory, you will need:

  1. Active Acreto Ecosystem
  2. Azure Active Directory - Active Subscription is needed - but basic features are free
  3. Azure Active Directory Domain Services - Active Subscription is needed - ~$109.50/month/set

The Purpose of Azure Active Directory Integration

An Azure Active Directory integration allows your Acreto Ecosystem to utilize the user credentials stored in your Active Directory to connect to the Ecosystem using Acreto TLS Client.

It uses the LDAPS (LDAP Secure) protocol and the Domain Services which can be deployed on the Azure account to sync with AD passwords.

The LDAPS protocol is used to establish communication between the Acreto Ecosystem and the Azure Active Directory.

Tip

Administrators integrate with a Lightweight Directory Access Protocol (LDAP) directory to streamline the user login process and to automate administrative tasks, such as creating users and assigning roles. An LDAP integration allows the system to use it’s existing LDAP server as the master source of user data.

Typically, AD integration is also part of a single sign-on implementation.

How To

Configuration of Azure Active Directory

To configure your Azure Active Directory to work with Acreto, please:

  1. Configure secure LDAP for an Azure Active Directory Domain Services managed domain
  2. Enable password synchronization in Azure Active Directory Domain Services
    • If you followed the first tutorial and don’t use on-premises AD the synchronization (between your Azure AD and Azure AD Domain Services) will be enabled by default. However it is needed to reset the password of all current users. It can be done by expiring all the current passwords, or resetting them manually from the Azure AD Users View.

Configuration of Acreto Ecosystem

  1. Log in to New or Existing Ecosystem

  2. Create Security Policy

    Create a Security Policy that allows users to connect through your Identity Provider to reach all destinations.

To allow users, employees or team members (data-plane users) to authenticate in OpenVPN using Azure AD credentials, Acreto offers unique and individual URLs for every Ecosystem portal called Onboarding Portal.

  1. To access the unique URL to that portal, please click on Edit next to previously added IdP and scroll down.

  2. Then, click on the icon to copy the URL

Frequently Asked Questions

  1. Active Directory included into Office 365 subscription sufficient for the integration?

    No, Office 365 subscription covers only the free Azure Active Directory.

    You need Azure Active Directory Domain Services which is an additional subscription from Microsoft.

  2. Why is it required to enable password synchronization in Azure Active Directory Domain Services?

    Enable password synchronization in Azure Active Directory Domain Services - As documented on Microsoft article Tutorial: Configure secure LDAP for an Azure Active Directory Domain Services managed domain:

    Users (and service accounts) can’t perform LDAP simple binds if you have disabled NTLM password hash synchronization on your managed domain.

    Acreto uses LDAP simple binds, therefore NTLM password hash synchronization feature needs to be enabled.

    If you followed the first tutorial and don’t use on-premises AD the synchronization (between your Azure AD and Azure AD Domain Services) will be enabled by default. However it is needed to reset the password of all current users. It can be done by expiring all the current passwords or resetting them manually from the Azure AD Users View.

Summary

Thanks to Acreto and Azure Active Directory Identity Provider Integration, users can connect to an Acreto Ecosystem with the same credentials utilized for other internal resources on their network domain.

Also, Acreto Ecosystem Admin(s) can re-use any existing password and security policies that are already in place. For example, the Active Directory may already have account lockout and password expiration policies.

Draft of: Informational article

TLDR

Short TDLR One or two sentences: What user can lern? What is added value?

Subtitle of article section 1

An Azure Active Directory integration allows your Acreto Ecosystem to utilize the user credentials stored in your Active Directory to connect to the Ecosystem using Acreto TLS Client.

[PLACE FOR DIAGRAM / INFOGRAPHIC]

It uses the LDAPS (LDAP Secure) protocol and the Domain Services which can be deployed on the Azure account to sync with AD passwords.

The LDAPS protocol is used to establish communication between the Acreto Ecosystem and the Azure Active Directory.

Typically, AD integration is also part of a single sign-on implementation.

Subtitle of article section 2

An Azure Active Directory integration allows your Acreto Ecosystem to utilize the user credentials stored in your Active Directory to connect to the Ecosystem using Acreto TLS Client.

It uses the LDAPS (LDAP Secure) protocol and the Domain Services which can be deployed on the Azure account to sync with AD passwords.

The LDAPS protocol is used to establish communication between the Acreto Ecosystem and the Azure Active Directory.

Typically, AD integration is also part of a single sign-on implementation.

Summary

Thanks to Acreto and Azure Active Directory Identity Provider Integration, users can connect to an Acreto Ecosystem with the same credentials utilized for other internal resources on their network domain.

Also, Acreto Ecosystem Admin(s) can re-use any existing password and security policies that are already in place. For example, the Active Directory may already have account lockout and password expiration policies.

Further reading

  1. Position #1
  2. Position #2

Draft of: solution article

Problem description

Is this what happens to me? 2-3 sentences to see if I’m on a correct page. Maybe just copy teaser.

Symptom 1: Something does not work

Lorem ipsum

Symptom 2: Logs contain something

System log contain records:

Some error info
Another error info

Cause

Describe WHY it breaks.

Solutions

How we can solve this?

Solution 1: turn on your computer

Turn on your computer and you will be fine.

Solution 2: connect to the Internet

Connect to the Internet and everything will magically start working.

See also

Please refer to the following additional material:

  1. some link

Test page for shortcodes

Images

Without title

To display the image in content place

![](./img/acreto.jpg)

This code will display image without a caption:

With title

To display the image with title/caption in content place

![](./img/acreto.jpg "some title here")

This code will display image with caption:

Video

Youtube

To display video from youtube.com https://www.youtube.com/watch?v=w7Ft2ymGmfc place ID of video (last part after ?v=) in the shortcode

youtube w7Ft2ymGmfc

Where w7Ft2ymGmfc is the ID of video. This will create:

<div style="position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;">
  <iframe src="https://www.youtube.com/embed/w7Ft2ymGmfc" style="position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;" allowfullscreen title="YouTube Video"></iframe>
</div>

and display as

Local video files

To display video from local files place URL to video in the shortcode

video src="./img/test1.mp4"

This will create:

<div class="wrapper-video">
  <video src="./img/test1.mp4"  style="max-height: 500px;" controls loop playsinline>
      Sorry, your browser doesn't support embedded videos, but don't worry, you can
      <a href="./img/test1.mp4">download it</a>
      and watch it with your favorite video player!
  </video>
</div>

and display as