Technical references : Administration : LDAPS configuration : Microsoft Active Directory configuration
Microsoft Active Directory configuration
For Active Directory, a login module is developed that provides information to the user concerning the reasons for failing to log on.
The following cases are supported:
Invalid credentials
Not permitted to log on at this time
Not permitted to log on at this workstation
Account disabled
Password must be reset
Account is locked
Unable to log on
User name was not found
Your password is expired
Your account has expired
In all other cases a generic error is displayed (“Unable to log on.”).
* 
Messages are only displayed if the login module flag is required. If you set it to another level, the module is not mandatory and no messages are displayed.
In order to use Active Directory authentication, you must configure the LDAPS settings first in the standalone-full.xml to match the LDAPS configuration to be used by the installation customer.
All steps are equal to the LDAPS configuration (please refer to the previous sections). The only difference between standard LDAPS and AD LDAPS is the login module.
1. Replace all occurrences of the LDAPS login module:
org.jboss.security.auth.spi.LdapExtLoginModule
with the AD login module:
com.planonsoftware.jboss.login.artemis.server.PnActiveDirectoryLoginModule
2. Do this twice for 'Login configuration with plain password' in the command line of Step 1.
3. Do this twice for 'Login configuration with encrypted password' in the command line of Step 4.