Integration with Active Directory enables you to perform response actions for Active Directory users affected by or involved in the alert.
To configure the integration with Active Directory for responding to alerts, you must use Kaspersky Security Center Linux Administration Server version 15.4 or later.
The integration with Active Directory for responding to alerts, and the settings for scanning the Active Directory domain controller (the address and user credentials of the domain controller) you specify when configuring a domain controller polling, are two different settings. Since you need to ensure that the user for whom a response action is to be performed has an Active Directory account, you must configure both the integrations: for scanning and for responding. The order is not significant.
The integration settings are not inherited and are applied only to the Administration Server (physical or virtual) on which you configure these settings.
To configure integration with Active Directory for responding to alerts:
The Administration Server properties window opens, with the General tab selected.
Later, if you want to turn off the integration, you can only do it for all connections by disabling the Active Directory integration toggle switch. You cannot turn off the integration for a separate connection. Instead, you can delete the connection.
When you enable or disable the Active Directory integration toggle switch, the setting is applied for both the Integrations and the Distribution points sections.
Computer name, for example: server.mycompany.com
.
You can specify several addresses. All domain controllers whose addresses you specify must belong to the same domain.
DNS fully qualified domain name, for example: mycompany.com
Also, you can specify SAM or NetBIOS name, for example: mycompany
Use lowercase letters. If you create several connections for the Administration Server or a distribution point, specify different names for each connection.
Login of the Active Directory account with administrator rights under which the response actions are to be performed.
Password of the Active Directory account with administrator rights under which the response actions are to be performed.
If the connection is successfully established, the Connected status is displayed. Otherwise, the status is Failed, and an error message is displayed with the domain controllers to which you failed to connect.
You must take into account the way you connect to Active Directory: from a Linux device or from a Windows device.
The window is closed, and the connection is displayed in the table of connections.
In the table of connections, you can do the following:
To do this, click the link with the Domain controller address parameter for the required connection. In the window that opens, change the required settings, and then click the Save button.
You can edit only the Login and Password parameters.
To do this, select the check box next to the connection you want to delete, click the Remove button in the toolbar, and then confirm the deletion of the connection.