How do I establish secure communication between ATP (EDR) and AD?
Article ID: 173993
Endpoint Detection and Response
Advanced Threat Protection Platform
Need to enable secure communication between Advanced Threat Protection (ATP) or Endpoint Detection and Response (SEDR) and Active Directory (AD).
Where do I find the required AD certificate?
How do I update the certificate for AD in ATP or EDR?
Endpoint Detection and Response 4.0 or later
Advanced Threat Protection 3.0 or later
You are configuring Active Directory (AD) in EDR so that AD users can login and use the EDR web user interface.
You have configured AD in EDR and you need to renew a certificate that is expiring or has expired.
To export the AD certificate from the AD server and upload/update it in EDR:
Log on to the AD server
Start > Type MMC and press Enter
to open MMC
File > Add/Remove Snap-in
, click to add certificates to selected snap-ins, select computer account, select local computer, click Finish, click OK.
Certificates > Personal > Certificates
Right click the
AD certificate > select All Tasks > click Export
Upload that AD certificate to the AD connection in the SEDR web user interface
On the left navigation pane, click
Check to ensure all fields are filled in correctly according to your environment's configuration
IMPORTANT: the NetBIOS name field is required as of SEDR 4.3
Check the box to upload or attach the new or updated certificate.
See the Symantec EDR documentation on the Broadcom Support Portal for
Integrating Symantec EDR with Microsoft Active Directory
> Symantec Enterprise Security > Documentation > Endpoint Security and Management > Endpoint Detection and Response (EDR)
Unable to log in with AD credentials after the update to SEDR 4.3
if you are unable to login using AD credentials.