Lucidum has been acquired by Cyderes → [Read the announcement]

Lucidum has been acquired by Cyderes → [Read the announcement]

View Categories

Microsoft Active Directory

Estimated Reading Time: 3 min read

Microsoft Active Directory (AD) provide a single point of control for managing users, computers, groups, and other resources on a network. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information

The Lucidum connector ingests the following types of assets:

  • Computers

  • Users

Configuring the Connector for Microsoft Active Directory #

To configure Lucidum to ingest data from Microsoft Active Directory:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • HostThe hostname or IP address of the LDAP server.

    • Port (optional). ITCP/UDP port 389 . If SSL is enabled, specify TCP port 636.

    • User Name. A user name or email address for an AD account that can query/read Active Directory.

      • For a domain user, the user name should be in the form: DOMAIN\USERNAME (for example, LDAP\lucidum).

      • If SSL is enabled, enter an email address.

    • User base. Search base for user information. It is better to provide the “root” base for Lucidum. For example, dc=ad,dc=lucidum,dc=com

    • PasswordA password for an AD account that can query/read Active Directory.

    • Computer baseSearch base for computer information. Provide the “root” base. For example, dc=ad,dc=lucidum,dc=com

    • SSL Authentication (optional). Enable and disable SSL authentication. Default mode if “off”

    • Authentication Method (optional). Choices are SASL or SIMPLE. Default method is SIMPLE.

    • TLS Validation (optional). TLS validation method. Default is “CERT_NONE”.

    • TLS Version (optional). TLS version. Default is “PROTOCOL_TLSv1”.

    • TLS Ciphers. TLS ciphers. Default is ALL and to let the connector negotiate a matching cipher

    • Auto Bind (optional). Toggle on and off auto binding. The default value is “on”.

    • Connection Timeout (optional). Connection timeout in seconds. Default value is 10 seconds.

    • Get Server Info (optional). Specify schemainfo, or all.

    • Read Only (optional). Specify if the connection is Read only. Default value is “on”.

    • Check Names (optional). When set as “on”, attribute names in assertions and filters will be checked against the schema (Get Server Info field must be ALL or SCHEMA) and search result will be formatted as specified in schema. Default value is “on”.

    • LDAP Version (optional). LDAP version. Default value is “3”.

    • Client Strategy (optional). Communication strategy used by the client. Default is SYNC

    • Auto Referrals (optional). Specifies whether the Connection must follows referrals automatically. Default value is “off”.

    • Page Size (optional). Results page size. Default is 1000

    • Mode (optional). Specify dual IP stack behaviour for resolving LDAP server names in DN.

    • Proxy. If you are using a proxy server to allow this connector to communicate with on-premises devices, enter the IP address: port for the proxy server, usually 192.168.255.6:3128.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.

What are your Feelings