Microsoft Active Directory
Active Directory Integration
Through Active Directory integration, you are able to import into Control Center the existing inventory from Active Directory on-premises and from Active Directory hosted in Microsoft Azure, simplifying security deployment, management, monitoring and reporting. Additionally, Active Directory users can be assigned different user roles in Control Center.
To integrate and synchronize GravityZone with an Active Directory domain:
Log in to GravityZone Control Center.
Go to Configuration > Active Directory > Domains and click
Add.
Configure the required settings:
Synchronization interval (in hours)
Active Directory domain name (including the domain extension)
Username and password of a user with full view permissions on the entire Active Directory structure.
Location in the Network inventory where to display the AD endpoints:
Keep AD structure and ignore empty OUs
Ignore AD structure, import to Custom Groups
Keep AD structure only with selected OUs
The Domain Controllers with which Control Center is synchronizing. Expand the Request Domain Controller section and choose the controllers from the table.
Click Save.
Whenever the user password changes, remember to also update it in Control Center.
The following is a list of attributes retrieved by the Active Directory integration.
computers
dn
objectGuid
name
operatingSystem
dNSHostName
objectSid
sAMAccountName
objectClass
users
dn
name
mail
objectGuid
userPrincipalName
displayName
sAMAccountName
memberof
objectSid
primarygroupid
securityGroups
dn
name
objectGuid
objectSid
objectClass
subdomains
dn
name
objectGuid
objectSid
objectClass
securityidentifier
domainControllers
dNSHostName
securityGroupsOnly
dn
objectGuid