Windows Services Setup Guide

ADConnector is used to enable Single Sign-On capability to domain Windows and Macintosh devices and SafeConnect without the need for a Policy Key.

The DHCP Syslog service provide IP address to MAC address correlation data enabling the ability to persist device details across multiple sessions.

The OPSWAT AD Connector has been introduced to collect all AD Sign-on events from one or more Active Directory Services (supports Windows Server 2003 and Windows Server 2008, and Server 2012). The sign on events will be sent from the Active Directory Servers to the SafeConnect Policy Manager for Single Sign-On and Device Ownership assignment.


As of the 6.01 release of SafeConnect, domain member Windows and Macintosh machines no longer require a policy key to use domain style single sign-on. This release also adds the device attribute feature. Domain machines can now be place into Policy Groups based on attributes defined for the device in Active Directory.

SafeConnect leverages DHCP information to achieve several goals

Device Persistence: DHCP data provides the necessary mac address information to allow SafeConnectto track a single device after multiple IP lease expiration. The result is that users have the ability to more easily use their devices after leaving the network and returning later.

Policy Enforcement by Mac Address: With DHCP information, enforcement for non-Policy Key devices can be applied based on a mac address. In most environments, a mac address is much more reliable since IP assignments change over time.

Device Enrollment: SafeConnect provides the ability to enroll network-enabled media and gaming devices. Before this functionality can work, SafeConnect must have a reliable source, such as DHCP, for obtaining mac address information for these devices.

The Purpose of this document is to outline the steps required to configure an Active Directory environment to Single Sign-On domain member Windows and Macintosh machines to a SafeConnect system and send device specific attributes to SafeConnect and to configure a Windows DHCP server to forward DHCP syslog to a SafeConnect environment.