Active Directory tab

The Active directory tab allows you to configure the connection of a Sensor to Windows Domain Controllers.

Once the Sensor is properly configured to a Windows Domain Controller, the appliance will automatically keep track of session information. This session information can be used to help identify users that may have been affected by an event or may be the cause of an event to trigger (see User tab).

Prerequisites

Before the Sensor can pull information from Active Directory, the Windows network must be configured properly. See the VMware NSX Network Detection and Response Active Directory Integration Guide ( external link HTML) for configuration details.

Selected appliance summary section

Enter a valid appliance UUID in the Appliance UUID textbox or click list and select a compatible appliance from the Select appliance pop-up. Click Select appliance to dismiss the pop-up.

The Selected Appliance Summary section is displayed. It lists the following appliance details: Name, UUID, Type, Status, License, and IP.

Listing domain controllers

When an appliance is selected, you are presented with a list of its associated domain controllers, if any are configured.

The quick search field above the list provides fast, as-you-type search. It filters the rows in the list, displaying only those rows that have text, in any field, that matches the query string.

Click the plus icon to add a domain controller.

The columns to be displayed in the list can be customized by clicking the additional content icon.

Customize the number of rows to be displayed. The default is 25 entries. Use the left arrow (back) and right arrow (forward) icons to navigate through multiple pages.

The Domain controllers list includes the following fields:

Source name

The name of the domain controller.

Click edit to edit the domain controller.

Click delete to remove the connection to the domain controller.

Hostname

The hostname or IP address of the domain controller.

Username

The username used to authenticate with the domain controller.

Type

The type of domain controller, for example Windows DC.

Polling

The frequency of requests to the domain server in seconds. The default is 60 seconds.

The Add domain controller button is displayed if you do not have any configured domain controllers. Click the button to add a domain controller.

Add domain controller page

On the Add domain controller page, fill in the following:

Appliance UUID

Enter a valid appliance UUID or click list and select a compatible appliance from the Select appliance pop-up.

Source Name

The name of the domain controller. This is another way of manually identifying a configured domain controller. It can be useful in the event of configuring multiple domain controllers.

Hostname

The hostname or IP address of the domain controller.

Polling

The frequency of requests to the domain server in seconds. The default is 60 seconds.

Username

The username used to authenticate with the domain controller. This must be an existing and valid user account to allow login access to the domain controller.

Password

The password used to validate the username to the domain controller. Enter it a second time in the Confirm password field.

Click Add when you are done.

Edit domain controller page

The Edit domain controller page is similar to the Add domain controller page. However, you are unable to change the Appliance UUID or the Source Name when editing the domain controller configuration.

Click Update when you are done.