How to configure and use LDAP/AD authentication sources within Symantec Control Compliance Suite Vulnerability Manager - CCS VM.

book

Article ID: 180414

calendar_today

Updated On:

Products

Control Compliance Suite Vulnerability Manager

Issue/Introduction

 

Resolution

There are several steps in order to properly configure and use LDAP/AD authentication sources within Symantec Control Compliance Suite Vulnerability Manager (CCSVM).

 

This HOWTO is an example and might not suit your requirements, this is not a replacement of the documentation that ships with CCSVM.

 

Step 1:

go to Home:: Administration :: CCS Vulnerability Manager Security Console :: Configuration -> Authentication.

Name: any name will do in this example its AD

LDAP Server Address: make sure you use the FQDN, all in capital letters and make sure that the CCSVM server can resolve the FQDN to IP.

LDAP Server Port: 389 is the default active directory ldap port

Require Secure Communications (SSL): unchecked in this example

Permitted Authentication Methods: DIGEST-MD5 in this example - all in capital letters.

LDAP Attributes Mappings: click on "AD" for the mapping of the fields to be auto-filled as shown below.

 

 

Step 2:

 For example you have a user named Alice Brown - here are the details for that account in active directory.

     

In this example the CCSVM "login ID" maps to the active directory "User Logon name" and in this case that's: Alice_Brown

In this example the CCSVM "Full Name" maps to the active directory "Display Name" and in this case that's: Alice Brown

In this example the CCSVM "mail" field is not utilized.

Step 3:

You'll now have to create an CCSVM user, go to Home :: Administration :: Users :: New User :: Configuration

In this example the "User Name" maps to the active directory "User Logon name" and in this case that's: Alice_Brown

In this example the "Authentication Method" selected is the earlier created authentication name: AD

In this example the "Full Name" maps to the active directory "Display Name" and in this case that's: Alice Brown

In this example the "E-Mail address" field is not utilized.

Because we selected an alternative authentication method the Password fields are grayed out and the password stored in active directory will be used.

Continue configuring the User Roles and access as normal and save.

 

Step 4:

 

Log on to the CCSVM web console using:

user: Alice_Brown

password: { Alice Brown her active directory password}

 

reminder: this HOWTO is an example and might not suit your requirements, this is not a replacement of the documentation that ships with CCSVM.

Attachments