Setup LDAP/Active Directory Scan

This feature gathers permissions, access rights, enablement status, password change date, creation date, last login date, and last modified date for groups, users, and other entities (trustees) on an LDAP server. When used with a corresponding CIFS/SMB server, users can review file permissions and access from the Focus UI and reports.

Step 1

Go to Administration > Connections > LDAP

Step 2

Select NEW SCAN SHARE

Step 3

Enter the details of the LDAP to scan and select SAVE.

Definitions

Name: Give a name to the scan to identify it later

Username: The user must be admin level and have access to all the LDAP utilities to be scanned. Enter the username in the format user@domain.com

Password: Password for the admin user

IP Address: The IP Address of the server where the LDAP is installed

Certificate (Optional): If the server you wish to scan uses LDAPS (LDAP over SSL/TLS), enter your certificate text here. Otherwise, leave it blank.

Port: 389 is the default port for LDAP; for Secure LDAP (LDAPS), 636 is used.

Inactivity: This defines inactive users. The default is 90 days.

Search: This is the point in the LDAP directory from which Focus starts searching. In the example DC=aws-gv,DC=local:

  1. DC stands for Domain Component. An attribute used to represent domain levels.

  2. aws-gv is the name of the first-level domain.

  3. local is the top-level domain.

Together, DC=aws-gv,DC=local represents the domain aws-gv.local.

Step 4

Back on the LDAP connections page, icons to Delete, Edit, and Scan are shown. Select Scan.

Focus has now begun discovering trustees and assessing permissions on files. An overview of the results can be found on the Explore Trustees page.

Step 5

For more detailed information, select one of the hyperlinked categories (Groups, Users, Active Users, Inactive Users, or Suspended Users) to view the corresponding tables.

Conversely, the permissions for particular files can be checked. Navigate to the Explore page and under the Actions on each applicable file, select Open Permissions.

For more information about the security of the Active Directory, navigate to Reports and select User Access Report. This PDF report shows information on Users in the most Groups, Enabled Inactive Users, Domain Administrators, and Users with Outdated Passwords.
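
To cross-check the Enabled Inactive Users list independently against a directory export, the following added example (not Focus code) applies the 90-day Inactivity default to user records. It assumes Active Directory's standard `lastLogonTimestamp`, `userAccountControl` and `sAMAccountName` attributes; how Focus itself computes inactivity is not stated here, and the sample records are constructed.

```python
from datetime import datetime, timedelta, timezone

# Active Directory stores lastLogonTimestamp as a Windows FILETIME:
# 100-nanosecond intervals since 1601-01-01 UTC. The attribute is replicated
# but can lag the real last logon by up to about 14 days by default.
FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
UAC_ACCOUNTDISABLE = 0x0002  # userAccountControl bit set on disabled accounts


def filetime_to_datetime(value):
    """Convert a FILETIME integer to an aware datetime; 0 or None means never."""
    if not value:
        return None
    return FILETIME_EPOCH + timedelta(microseconds=int(value) // 10)


def enabled_inactive_users(entries, now, inactivity_days=90):
    """Return (name, last_logon) for enabled accounts idle past the threshold."""
    cutoff = now - timedelta(days=inactivity_days)
    flagged = []
    for entry in entries:
        if int(entry["userAccountControl"]) & UAC_ACCOUNTDISABLE:
            continue  # disabled accounts are not "enabled inactive"
        last_logon = filetime_to_datetime(entry.get("lastLogonTimestamp"))
        # Accounts that never logged on are flagged too (last_logon is None).
        if last_logon is None or last_logon < cutoff:
            flagged.append((entry["sAMAccountName"], last_logon))
    return flagged


def to_filetime(dt):
    """Helper used only to build the constructed sample data below."""
    return int((dt - FILETIME_EPOCH).total_seconds()) * 10_000_000


# Constructed sample records (not real directory data).
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE = [
    {"sAMAccountName": "alice", "userAccountControl": 512,
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=10))},
    {"sAMAccountName": "bob", "userAccountControl": 512,
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=120))},
    {"sAMAccountName": "carol", "userAccountControl": 514,  # disabled
     "lastLogonTimestamp": to_filetime(NOW - timedelta(days=400))},
    {"sAMAccountName": "svc-old", "userAccountControl": 512},  # never logged on
]

if __name__ == "__main__":
    for name, last in enabled_inactive_users(SAMPLE, NOW):
        print(name, last.date() if last else "never")
```

Enabled accounts with no recorded logon, such as stale service accounts, are flagged alongside those past the threshold.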


Classified as Getvisibility - Partner/Customer Confidential