Use Cases | 377Step 5 Click Next and save the file as server.crt on your Windows system.The certificate is exported in base-64 encoded format.Step 6 Add the server.crt file to a .zip file.Step 7 Separately save the private key in base-64 format as server.key.Step 8 Add the server.key file to the .zip file that contains server.crt.Step 9 Upload the .zip file to the server as a Server Certificate.Creating Unique Access Policies for AD GroupsIn this use case, we add Outlook Web Access (OWA) resources to the SRA appliance, andneed to configure the access policies for users in multiple Active Directory (AD) groups. We willcreate a local group for each AD group and apply separate access policies to each local group.While Active Directory allows users to be members in multiple groups, the SRA appliance onlyallows each user to belong to a single group. It is this group that determines the access policiesassigned to the user.When importing a user from AD, the user will be placed into the local SRA group with whichthey have the most AD groups in common. For example: Bob belongs to the Users,Administrators, and Engineering AD groups. If one SRA group is associated with Users, andanother is associated with both Administrators and Engineering, Bob will be assigned to theSRA group with both Administrators and Engineering because it matches more of his own ADgroups.The goal of this use case is to show that Dell SonicWALL SRA firmware supports group-basedaccess policies by configuring the following:• Allow Acme Group in Active Directory to access the 10.200.1.102 server using SSH• Allow Mega Group in Active Directory to access Outlook Web Access (OWA) at 10.200.1.10• Allow IT Group in Active Directory to access both SSH and OWA resources defined above• Deny access to these resources to all other groupsThis example configuration is provided courtesy of Vincent Cai, June 2008.Figure C-1 Network TopologyPerform the tasks in order of the following sections:• “Creating the Active Directory Domain” on page 378• “Adding a Global Deny All Policy” on page 379• “Creating Local Groups” on page 380