User Catalogs

Under Users catalogs, you can add an LDAP connector that gives the LogAn/SIEM servers access to the AD server. Access to AD allows you to update user name information in logs imported from various sensors, if necessary.

To create an LDAP Connector, click Add and provide these settings:

| Name | Description |
| --- | --- |
| Enabled | Enables or disables this LDAP connector. |
| Name | The name of the LDAP connector. |
| Description | A description of the LDAP connector. |
| SSL | Specifies whether SSL is required to connect to the LDAP server. |
| LDAP domain name or IP address | The IP address of the domain controller, the domain controller FQDN, or the domain FQDN (e.g., test.local). If the domain controller FQDN is specified, UserGate will obtain the domain controller's address using a DNS request. If the domain FQDN is specified, UserGate will use a backup domain controller if the primary one fails. |
| Bind DN ("login") | The username for connecting to the LDAP server. Must be in the DOMAIN\username or username@domain format. This user must already exist in the domain. |
| Password | The user's password for connecting to the domain. |
| LDAP domains | The list of domains served by the specified domain controller, e.g., in the case of a domain tree or an Active Directory domain forest. |
| Search roots | The list of LDAP server paths relative to which the system will search for users and groups. Specify the full name, e.g., ou=Office,dc=example,dc=com. |

After you have filled in the LDAP connector parameters, you can verify that the configuration is correct by clicking the Check connection button. If your settings are correct, the system will report that; otherwise, it will tell you why it cannot connect.
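An offline pre-check of the connector fields described above, as an added example that is not UserGate code: it validates the server address, the bind login format and the search roots before the values are entered. The dictionary keys, the sample values, and the rule that a search root's dc= components should name one of the listed LDAP domains are assumptions of this example.

```python
import ipaddress
import re

# Dictionary keys used below are hypothetical; they mirror the settings on this page.
BIND_RE = re.compile(r"[^\\@\s]+\\[^\\@\s]+|[^\\@\s]+@[^\\@\s]+")  # DOMAIN\user or user@domain
DN_PART = r"[A-Za-z][A-Za-z0-9-]*=(?:[^,\\]|\\.)+"                  # e.g. ou=Office (\, allowed)
DN_RE = re.compile(rf"\s*{DN_PART}(?:,\s*{DN_PART})*")
FQDN_RE = re.compile(r"(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z][A-Za-z0-9-]*")

def server_kind(value):
    """Classify the server field as 'ip', 'fqdn' or 'invalid'."""
    try:
        ipaddress.ip_address(value)
        return "ip"
    except ValueError:
        return "fqdn" if FQDN_RE.fullmatch(value) else "invalid"

def dn_domain(dn):
    """Join the dc= components of a DN into a DNS name (dc=example,dc=com -> example.com)."""
    return ".".join(m.strip().lower() for m in re.findall(r"(?:^|,)\s*dc=([^,]+)", dn, re.I))

def check_connector(cfg):
    """Return a list of findings; an empty list means every field is well-formed."""
    findings = []
    kind = server_kind(cfg["server"])
    if kind == "invalid":
        findings.append("server: not an IP address or FQDN")
    elif kind == "ip":
        findings.append("server: IP address given; failover is described only for a domain FQDN")
    if not cfg["ssl"]:
        findings.append("ssl: disabled, the connection to the LDAP server is not protected by TLS")
    if not BIND_RE.fullmatch(cfg["bind_dn"]):
        findings.append("bind_dn: expected DOMAIN\\username or username@domain")
    domains = {d.lower() for d in cfg["domains"]}
    for root in cfg["search_roots"]:
        if not DN_RE.fullmatch(root):
            findings.append(f"search_root {root!r}: not a full distinguished name")
        elif dn_domain(root) not in domains:  # assumption of this example, not a product rule
            findings.append(f"search_root {root!r}: outside the listed LDAP domains")
    return findings

# Constructed sample values, not taken from a real deployment.
SAMPLE = {"server": "10.0.0.5", "ssl": False, "bind_dn": "cn=svc_siem,dc=test,dc=local",
          "domains": ["test.local"], "search_roots": ["ou=Office,dc=test,dc=local", "Office"]}

if __name__ == "__main__":
    for finding in check_connector(SAMPLE):
        print(finding)
```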