AuthenticationServers > AuthenticationServer

Contains the LDAP connection settings parameters.

Path

GUISettings > AuthenticationServers > AuthenticationServer

Optional

The AuthenticationServer element is optional.

Attributes

This element has the following attributes.

AuthenticationServer element attributes

Attribute	Description
`type`	Specifies the type of server to connect. Possible values: `LDAP`. This attribute is mandatory.
`enabled`	Indicates whether the specified server must be used. Possible values: `true`, `false`. This attribute is mandatory.

Attribute

Description

type

Specifies the type of server to connect.

Possible values: LDAP.

This attribute is mandatory.

enabled

Indicates whether the specified server must be used.

Possible values: true, false.

This attribute is mandatory.

Nested elements

This element is a container for the following nested elements:

ConnectionString
Contains the connection parameters for the LDAP server.

For more information about this element, see subsection "AuthenticationServer > ConnectionString" below.
DomainName
The path to the database that contains the user accounts that can access Kaspersky CyberTrace.

For more information about this element, see subsection "AuthenticationServer > DomainName" below.
AdministratorAccountsFilter
Contains filtering rules for user accounts that must be assigned the Administrator role.

The AdministratorAccountsFilter element must not contain the value that is specified in the AnalystAccountsFilter element.

The AdministratorAccountsFilter element can be empty.
AnalystAccountsFilter
Contains filtering rules for user accounts that must be assigned the Analyst role.

The AnalystAccountsFilter element must not contain the value that is specified in the AdministratorAccountsFilter element.

The AnalystAccountsFilter element can be empty. If the value is not specified, all user accounts that access Kaspersky CyberTrace will have the Analyst role.

This element is mandatory.

AuthenticationServer > ConnectionString

IP address or FQDN (fully qualified domain name), and port of the LDAP server.

This element is mandatory and cannot be empty.

This element has the following attributes.

ConnectionString element attributes

Attribute	Description
`use_encryption`	Indicates whether to use an SSL connection. If an SSL connection is used, the value is `true`. If an SSL connection is not used, the value is `false`.
`connection_timeout`	Specifies a response timeout from the LDAP server, in seconds. The range of values for this attribute is from `1` to `60`.

Attribute

Description

use_encryption

Indicates whether to use an SSL connection.

If an SSL connection is used, the value is true.

If an SSL connection is not used, the value is false.

connection_timeout

Specifies a response timeout from the LDAP server, in seconds.

The range of values for this attribute is from 1 to 60.

AuthenticationServer > DomainName

The path to the database that contains the user accounts that can access Kaspersky CyberTrace.

This element is mandatory and cannot be empty.

This element has the following attributes.

DomainName element attributes

Attribute	Description
`use_principal_name`	Indicates whether to use the User Principal Name (UPN) format. Specify `true`, if you want to use UPN. Otherwise, specify `false`. In this case, the SAM Account Name format is used.

Attribute

Description

use_principal_name

Indicates whether to use the User Principal Name (UPN) format.

Specify true, if you want to use UPN.

Otherwise, specify false. In this case, the SAM Account Name format is used.

Example

The following is an example of this element.

<ConnectionString use_encryption="false" connection_timeout="20">ldap.example.com:389</ConnectionString>

<DomainName use_principal_name="true">dc=testing,dc=con</DomainName>

<AdministratorAccountsFilter>cn=theadministrator</AdministratorAccountsFilter>

<AnalystAccountsFilter>cn=users_an</AnalystAccountsFilter>

</AuthenticationServer>

Page top