Domain authentication
Domain authentication allows users to sign in using their existing Active Directory credentials. This is the recommended authentication method for organizations with Windows domain infrastructure.
How it works
When a user signs in with a domain account, fDeploy Server validates the credentials against the configured Active Directory domain controller. Upon successful authentication, fDeploy Server creates a local user record linked to the domain account if one does not already exist.
Configuration
Domain authentication can be configured from Configuration → Authentication in the web interface, or directly in the fDeploy Server appsettings.json file:
"DirectorySettings": { "AuthDomain": "your-domain-controller-address", "AuthContainer": "DC=yourdomain,DC=com", "GroupTeamMappings": { "Domain Admins": "fDeploy Administrators", "fDeploy Managers": "fDeploy Managers" }}| Setting | Description |
|---|---|
AuthDomain | The hostname or IP address of your Active Directory domain controller |
AuthContainer | The LDAP distinguished name (DN) of the container to search for user accounts |
GroupTeamMappings | Maps Active Directory security groups to fDeploy teams. When a domain user signs in, their AD group memberships are checked and they are automatically added to the matching teams. Users are also removed from mapped teams if they no longer belong to the corresponding AD group. |
Signing in
- Navigate to fDeploy Server in your browser
- Select Sign in with a domain account
- Enter your domain username and password
- Click Sign in
Domain users in fDeploy
Domain users appear in the user management area with Directory as their authentication source. Their team membership is synchronized automatically from Active Directory on each sign-in based on the configured GroupTeamMappings. Password management (reset, change) for domain accounts is handled through Active Directory, not through fDeploy.