Sophos Firewall: Create multiple AD Server entities in SFOS for multi domains

Disclaimer: Please contact Sophos Professional Services if you require assistance with your specific environment.

Table of Contents


This article describes the steps for a workaround allowing Multiple domains with a Single AD Server having multiple entities.


SFOS uses the Domain under AD Server Domains for the authentication in several modules. This field is a single-use field and mandatory

On CONFIGURE>Authentication>Servers

In some setups, an AD Server can serve multiple Domains at the same time. For example, and 
If we try to set up this in SFOS, it’ll block the configuration as the IP Address is a unique object.

See the reference screenshot below:


What we can do is build a workaround for this behavior in SFOS and create those server(s) with a small adjustment. 

SFOS allows its own DNS entry. Under CONFIGURE>Network >DNS>DNS Host Entrythen click Add.

We can create the same AD Server multiple times with its own Hostname/DNS.
This hostname can be used with each and every domain we want to create.  By doing this, the AD Server can now serve multiple Domains at the same time.

Added RR TAG
[edited by: Erick Jan at 11:24 PM (GMT -8) on 10 Jan 2023]