Removed in
7.4.2 You can
configure Microsoft Active Directory authentication on
your IBM®
QRadar®
system.
Procedure
-
On the Admin tab, click Authentication.
- Click Authentication Module Settings.
-
From the Authentication Module list, select Active
Directory.
-
Click Add, and configure parameters for the Active Directory
Repository.
The following table describes the parameters to configure:
Parameter |
Description |
Repository ID |
The Repository ID is an identifier or alias that uniquely represents the
server that is entered in the Server URL field and the domain from the
Domain field. Use the Repository ID when you enter your login details.
For example, you might use AD_1 to represent server_A
on Domain_A in one Active Directory Repository, and AD_2
to represent server_B on Domain_A in your second
repository.
|
Server URL |
The URL that is used to connect to the LDAP server. For example, type
ldaps://host_name:port. Note: If you specify a secure LDAP connection, the
password is secure but the username is passed in clear text.
|
Context |
Context that you want to use; for example, DC=QRADAR,DC=INC. |
Domain |
Domain that you want to use, for example; qradar.inc. |
-
Enter the user name and password that you use to authenticate with the repository.
-
To test connectivity to the repository, click Test Connection.
Note: When you enable Active Directory, ensure that port 88 is open to allow Kerberos connections
from the QRadar
Console.
-
To edit or remove a repository, select the repository, and then click
Edit or Remove.
-
Click Save.
Users can log in by using the Domain\user or
Repository_ID\user login formats.
The login request that uses Repository_ID\user is attempted on a specific
server that is linked to a specific domain. For example, Server A on
Domain A, which is more specific than the Domain\user
login request format.
The login request that uses the Domain\user format is attempted on servers
that are linked to the specified domain until a successful login is achieved. For example, there
might be more that one server on a specific domain.
Note: For Active Directory user authentication, you must create a local QRadar user account that is the
same as the Active Directory (AD) account on the authentication server.
-
On the Admin page, click Deploy Changes.