Skip to main content

Active Directory

Jasper
Updated

The Active Directory connector for Elimity Insights fetches users, groups and computers from Active Directory so you can keep in control of your environment. 

Follow the instructions below to set up the connector for your environment.

How it works

  • Elimity Insights periodically fetches users, groups and computers from Active Directory.
  • Write Elimity Insights queries to review and monitor updates to the data, or leverage existing queries.
  • Configure these stored queries to take action when the Elimity Insights data changes.

Integration requirements

Setting up an Active Directory source in Elimity Insights requires:

  • an Active Directory account to perform LDAP searches,
  • a user in Elimity Insights with the role Connector Admin or higher.

Integration instructions

Follow the following steps to set up an Active Directory source in Elimity Insights:

  • Create an Active Directory account that has read-only access to the organizational unit you want to import from.

  • Copy the credentials of this user and the connection parameters to the Elimity Insights connector.

  • Make sure your Active Directory server is accessible from Elimity Insights.

Changelog

v3.18.0

  • Fixed missing error logs for invalid connector configuration.
  • Added information log before connecting to the Active Directory server.
  • Added out-of-the-box controls.

v3.19.0

  • Archived the 'Active' attribute, since there is no such property in Active Directory.

v3.21.0

  • Added new 'group scope', 'group type' and 'parents' attributes for groups.
  • Added a new 'foreign security principal' entity type.

v3.22.0

  • The security identifiers of users, groups and computers now determine unique identity, instead of distinguished names. This will add a large list of changes to existing query history once, but avoids removal and recreation of entities that merely moved between organizational units (which affects their distinguished name).

v3.23.0

  • The connector replaces the 'Base DN' configuration with the more flexible 'Search requests' configuration. This change allows users to list multiple Base DNs, each with a specific LDAP filter.

v3.24.0

  • Relationships for groups with more than 1500 members now show up correctly in Elimity Insights.

v3.24.1

  • Special characters in LDAP filters are now escaped correctly.

v3.25.1

  • The connector now correctly takes nested groups into account when importing group memberships.

v3.27.0

  • This update includes support for importing password expiry information. Active Directory users now have a new 'Password Never Expires' attribute.

v3.28.0

  • The connector now imports e-mails and names for managers of Active Directory users.
  • This update also adds a 'Last Login Timestamp' attribute for Active Directory computers and users.
  • Active Directory groups can now also contain Active Directory computers.

v3.29.0

  • This update includes support for importing workstation information. Active Directory users and computers now have a new 'Workstations' attribute.

v3.33.0

  • Users should now provide a connection URL instead of a hostname and port to configure the connection with AD. For example, it is now possible to connect via LDAPS by providing a URL like 'ldaps://example.com'.

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk