Configuring an unencrypted connection to the LDAP server

Configure a Lightweight Directory Access Protocol (LDAP) repository in IBM QRadar.

About this task

Procedure

Log in to QRadar as an admin user.
On the Admin tab, click Authentication.
In the Authentication window, click Authentication Module Settings.
From the Authentication Module Settings list, select LDAP, and then click Add.
Complete the fields in the Basic Configuration section.
1. In the Repository ID field, enter a descriptive name.
2. In the Server URL field, use the ldap:// protocol, the server fully qualified domain name (FQDN) and specify an unencrypted port (389 or Global catalog port 3268).
  For example, ldap://ldap.test.com:389
3. In the Encryption field, click Unsecure.
4. In the LDAP User Field, enter sAMAccountName.
5. In the User Base DN field, enter the Distinguished Name (DN) of the node where the search for a user would start.
  To determine this value, see QRadar: How to find the User Base and Group Base DN information when using LDAP (https://www.ibm.com/support/pages/node/6367965)
6. In the Referral field, select follow.
In the Connection Settings section, click Authenticated Bind.
In the Login DN field, enter the user's DN in Domain\User format.
For example, TEST\Administrator.
In the Password field, enter the password of the user that you configured in the Login DN field.
Click Test Connection and enter the username that you entered in the Login DN field.
For example, Administrator.
Click Save.
Click Save Authentication Module.

Results

If the test is successful, a Successfully connected to the LDAP server message appears. You can use an unencrypted LDAP configuration to connect QRadar to the LDAP server.

If the test connection does not connect, contact your LDAP administrator and verify that the parameters match and that the network allows the QRadar Console to connect.

If QRadar is unable to connect after you verify the parameters and network, contact Customer Support (www.ibm.com/support/)