
Microsoft Active Directory

Microsoft Active Directory (AD) is a directory service for Windows domain networks that authenticates and authorizes all users and computers.

This connector fetches the following types of assets:

  • Computers

  • Users

Configuring the Connector for Microsoft Active Directory

To configure Lucidum to ingest data from Microsoft Active Directory:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • Host (required) - The hostname or IP address of the LDAP server.

    • Port (optional) - TCP/UDP port 389, or TCP port 636 if an SSL connection is used.

    • User Name (required) - The user name or email address of an account with read permission. For a domain user, the user name should be in the form DOMAIN\USERNAME (for example, LDAP\lucidum).

    • Password (required) - The password for the account specified in User Name.

    • User base (required) - Search base for user information. It is better to provide the “root” base for Lucidum. For example, dc=ad,dc=lucidum,dc=com

    • Computer base (required) - Search base for computer information. It is better to provide the “root” base for Lucidum. For example, dc=ad,dc=lucidum,dc=com

    • Connection Timeout. Connection timeout in seconds. Default value is 10

    • Get Server Info. Specify schema, info, or all.

    • Auto Bind (optional, default is true) - Auto bind or not.

    • Read Only. Specify if the connection is Read only.

    • Check Names. When set to true, attribute names in assertions and filters are checked against the schema, and search results are formatted as specified in the schema. The server must have the schema loaded with the get_info=ALL or get_info=SCHEMA parameter.

    • LDAP Version. LDAP version. Default value is “3”.

    • Client Strategy. Communication strategy used by the client, default is SYNC

    • Auto Referrals. Whether the connection must follow referrals automatically. Default is false.

    • Authentication (optional) - Authentication method, default is “SIMPLE”.

    • Page Size. Result paged size, default is 1000

    • Mode. Specify dual IP stack behaviour for resolving LDAP server names in DNS.

    • TLS Validate (optional) - TLS validation method, default is “CERT_NONE”.

    • TLS Version (optional) - TLS version, default is “PROTOCOL_TLSv1”.

    • TLS Ciphers. TLS ciphers. Default is ALL, which lets the connector negotiate a matching cipher.

    • Proxy. Enter the IP address:port for the proxy server.

    • Verify SSL. For future use.

  6. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.
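
Several of the defaults listed in step 5 (port 389 with SIMPLE authentication, CERT_NONE, PROTOCOL_TLSv1, ALL ciphers) weaken the connection that carries the service account's password. The following is an added example, not Lucidum code: a small pre-save review of the intended values. The dictionary key names are hypothetical, and it assumes SSL is in use only when the port is 636, as the Port setting describes.

```python
# Added example. Key names are hypothetical; default values are the ones
# listed in the settings above, written as Python ssl-style constant names.
PAGE_DEFAULTS = {
    "port": 389,
    "authentication": "SIMPLE",
    "tls_validate": "CERT_NONE",
    "tls_version": "PROTOCOL_TLSv1",
    "tls_ciphers": "ALL",
    "auto_referrals": False,
}

# Protocol versions formally deprecated (SSLv3: RFC 7568; TLS 1.0/1.1: RFC 8996).
DEPRECATED_VERSIONS = {"PROTOCOL_SSLv3", "PROTOCOL_TLSv1", "PROTOCOL_TLSv1_1"}


def review(settings):
    """Return (field, finding) pairs for values that weaken the LDAP connection."""
    cfg = {**PAGE_DEFAULTS, **settings}
    findings = []
    if cfg["port"] != 636:
        # Assumption: no SSL on this port, so the TLS fields are not in play.
        if cfg["authentication"] == "SIMPLE":
            findings.append(("port", "SIMPLE bind without SSL sends the "
                             "service account password in cleartext; use 636"))
    else:
        if cfg["tls_validate"] != "CERT_REQUIRED":
            findings.append(("tls_validate", "server certificate is not "
                             "required, so the LDAP server is unauthenticated"))
        if cfg["tls_version"] in DEPRECATED_VERSIONS:
            findings.append(("tls_version", "deprecated protocol version; "
                             "use PROTOCOL_TLSv1_2 or newer"))
        if cfg["tls_ciphers"] == "ALL":
            findings.append(("tls_ciphers", "no restriction to strong cipher suites"))
    if cfg["auto_referrals"]:
        findings.append(("auto_referrals", "connector will contact any server "
                         "a referral names"))
    return findings


if __name__ == "__main__":
    # Constructed sample configurations.
    hardened = {"port": 636, "tls_validate": "CERT_REQUIRED",
                "tls_version": "PROTOCOL_TLSv1_2",
                "tls_ciphers": "ECDHE+AESGCM"}
    for name, cfg in [("page defaults", {}), ("636, TLS defaults", {"port": 636}),
                      ("hardened", hardened)]:
        print(name, "->", review(cfg) or "no findings")
```
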

Supported Actions

  • Enable/Disable users or computers

  • Add or Update LDAP attributes of users or computers

  • Prompt user to change password

  • Add/Remove users or computers from Group (DN)
