Using Next Active Directory Integration means that you need at least a basic understanding of TCP/IP networking. In this section you’ll get an overview of common strategies how to connect your WordPress installation with your Active Directory.

Establishing the connection between WordPress and Active Directory

WordPress installation in your corporate intranet

If you are hosting your WordPress installation on your own internal server it should be easy to connect both parties.

  1. Log on to your webserver and try a

     ping $IP_OR_DNS_OF_ACTIVE_DIRECTORY
    
  2. The ping command should succeed. If it fails you should check the incoming firewall rules of your Active Directory and the outgoing firewall rules of your webserver.

Public WordPress installation on the Internet

To use Next Active Directory Integration on the Internet it requires you further access to the webserver and PHP configuration.

DNAT

Using DNAT means opening a port in your corporate firewall and forwarding any traffic on this port to your internal Active Directory.

  1. On your Active Directory server: Allow incoming TCP traffic from your firewall (if masquerading is enabled) or the external webserver.
  2. On your firewall: Add a DNAT rule from the IP address of your webserver (TCP protocol) to your external firewall interface on port 44389 which is forwarded to the IP of your Active directory on port 389.
  3. On your webserver: Check firewall rules for outgoing traffic to the IP address of your firewall on port 44389/TCP.

VPN

If you have the option to establish a VPN between your corporate network and your webserver you should prefer this method.

  1. Create a SSL- or IPSec-VPN.
  2. In your firewall restrict the access from the webserver’s IP-VPN address to your Active Directory IP.
AWS and VPC

If your WordPress installation is hosted in your AWS cloud which already connects your corporate network through Amazon Virtual Private Cloud with your hosted servers the connection between both endpoints should be already available.