Configure a Server LDAP (LDAPS) authentication repository for your IBM
QRadar system.
Procedure
-
Log in to QRadar as an
admin user.
- On the Admin tab, click Authentication.
- Click Authentication Module Settings.
- From the Authentication Module Settings list, select
LDAP, and then click Add.
- Complete the fields in the Basic Configuration section.
- In the Repository ID field, enter a descriptive
name.
- In the Server URL field, use the ldaps://
protocol, the server fully qualified domain name (FQDN) and specify an LDAP over SSL encrypted port
(636 or Global catalog port 3269).
For example,
ldaps://ldap.test.com:3269
- In the Encryption field, click
LDAPS.
- In the LDAP User Field, enter
sAMAccountName.
- In the User Base DN field, enter the Distinguished Name (DN) of
the node where the search for a user would start.
- In the Referral field, select
follow.
- In the Connection Settings section, click Authenticated
Bind.
- In the Login DN field, enter the user's DN in
Domain\User format.
For example,
TEST\Administrator.
- In the Password field, enter the password of the user that you
configured in the Login DN field.
- Click Test Connection and enter the username that you entered in
the Login DN field.
For example,
Administrator.
- Click Save.
- Click Save Authentication Module.
Results
If the test is successful, a Successfully connected to the LDAP server message
appears. You can use an unencrypted LDAP configuration to connect QRadar to the LDAP server.
If the test connection does not connect, contact your LDAP administrator and verify that the
parameters match and that the network allows the QRadar
Console to connect.
If QRadar is unable to
connect after you verify the parameters and network, contact Customer Support (www.ibm.com/support/)