Active Directories Settings

Active Directories page is used to integrate MetaDefender Vault with your organization Active Directory in order to synchronize users.

In order to be able to setup Active Directory integration, you will read permissions.

Note

Please note that if your configuration produces a higher number of users to be synchronized than currently available licenses, all users except the local administrator will be temporarily disabled (unlicensed) until you either use User Filtering Configuration to lower the number of synchronized users or buy more licenses.

Account settings

Setting

Description

Server Address

Address of the Active Directory server from where the users will be synchronized

Port

The port that will be used to connect to Active Directory
Note: the default port for LDAP is 389 and the default port for LDAPS is 636

Authentication Type

None: U se basic authentication (simple bind)

Secure: Request secure authentication
Note: AD DS uses Kerberos and possibly NTLM to authenticate the client

Secure Sockets Layer: Attaches a cryptographic signature to the message that both identifies the sender and ensures that the message has not been modified in transit.
 Note: AD DS requires the Certificate Server be installed to support Secure Sockets Layer (SSL) encryption.

Username

Username of a user inside the Active Directory who has read permissions

Password

The user's password to be used

images/download/attachments/27531663/image2018-10-3_11-53-12.png

When you have filled the required information click Continue.

In the next screen the user can input the following:

  • Synchronization configuration: Changes Check Period (Seconds)

  • Failed Login Attempts Configuration: Login Attempts Allowed, Lock Account For (Minutes), Reset Login Attempt Counter After (Minutes)

Advanced settings

Settings

Description

Changes Check Period

Time interval between synchronizations

Login Attempts Allowed

Number of failed login attempts that can be done before the account will be locked

Lock Account For (Minutes)

If the number of failed login attempts is higher than the predefined number, the account will be locked for X minutes

Reset Login Attempt Counter After (Minutes)

0 - Counter is never reset
X - Counter resets after X minutes

images/download/attachments/27531663/image2018-2-7_8-59-22.png

User Filtering Configuration

After selecting Continue on the previous screen, the user goes to the next screen which is User Filtering Configuration.

Follow the link in the note below for information on how to configure user filtering.

Note

After you complete the basic configuration you will be redirected to User Filtering Configuration page where you can fine tune the way users and administrators are synchronized according to your Active Directory structure.

Active Directory Configuration successfully configured

After selecting Continue on User Filtering screen, the last screen is the result, which should be successful, if all is configured correctly.

This page gives you information like:

  • Users found

  • Filtered users count

images/download/attachments/27531663/image2018-2-7_9-0-18.png

Active Directory List

After you have successfully configured multiple Active Directories, the list should be displayed as follows:

images/download/attachments/27531663/image2018-2-9_11-40-13.png

Useful information in the list:

  • Server name

  • State: enabled/disabled

  • Users count: numbers of users imported from that AD

  • Changes Check period

  • Action buttons

    • Enable/Disable: enables/disables AD. When enabling/disabling an AD the users are added/removed form Users>Active page. Entries are also visible in Audit.

    • Settings: takes user to AD configuration settings like advance settings or user filtering.

    • Delete: removes completely that AD from the list, including its users imported