Testing Security Analytics LDAP functionality

book

Article ID: 169009

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

Resolution

1. SA UI setting for LDAP

Setup LDAP Authentication in Settings / Authentication in the Security Analytics UI
 
User-added image
 
Please begin with a simple setup to make sure that connectivity and authentication works fine.
You can then add complexity when you are sure the basics are working.
 
After doing this, validate your settings using ldapsearch finding a certain user (user1) in the specified searchbase
 
2. Example user data
 
LDAPUSERNAME=user1
HOST=lab.mtdtest.com
HOSTPORT='389'
SEARCHBASE='dc=lab,dc=mtdtest,dc=com'
BINDDN='[email protected]'
BINDPASSWORD='Passw0rd'
 
3. ldapsearch CLI Parameters needed:
 
ldapsearch -x -h $HOST \
-p $HOSTPORT \
-D $BINDDN \
-w $BINDPASSWORD \
-b $SEARCHBASE \
"(&(objectClass=User)(sAMAccountName=$LDAPUSERNAME))"
  
4. ldapsearch CLI example using the user data from #2.
 
ldapsearch -x -h lab.mtdtest.com -p 389 -D [email protected] -w Passw0rd -b "dc=lab,dc=mtdtest,dc=com" "(&(objectClass=User)(sAMAccountName=user1))"
 
3. Output abridged (full output attached as a text file)
 
# extended LDIF
#
# LDAPv3
# base <dc=lab,dc=mtdtest,dc=com> with scope subtree
# filter: (&(objectClass=User)(sAMAccountName=user1))
# requesting: ALL
#
 
# user1 MTD, Users, lab.mtdtest.com
dn: CN=user1 MTD,CN=Users,DC=lab,DC=mtdtest,DC=com

***snipped***

msExchRBACPolicyLink: CN=Default Role Assignment Policy,CN=Policies,CN=RBAC,CN
 =mtdtest,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=lab,DC=mtdtest
 ,DC=com
publicDelegatesBL: CN=quarantine,CN=Users,DC=lab,DC=mtdtest,DC=com
 
# search reference
ref: ldap://ForestDnsZones.lab.mtdtest.com/DC=ForestDnsZones,DC=lab,DC=mtdtest
 ,DC=com
 
# search reference
ref: ldap://DomainDnsZones.lab.mtdtest.com/DC=DomainDnsZones,DC=lab,DC=mtdtest
 ,DC=com
 
# search reference
ref: ldap://lab.mtdtest.com/CN=Configuration,DC=lab,DC=mtdtest,DC=com
 
# search result
search: 2
result: 0 Success
 
# numResponses: 5
# numEntries: 1
# numReferences: 3
[[email protected] ~]#
 
 If you are still having issues and want to analyze the the logs, you can follow the steps in this KB article to enable additional debugging: 000024497
 
 

Attachments