Support

Support for business applications

Kaspersky CyberTrace

Administrator guides

Kaspersky CyberTrace Service Guide

Kaspersky CyberTrace Service configuration reference

GUISettings

AuthenticationServers > AuthenticationServer
Kaspersky CyberTrace
Нет результатов
Online Help
FAQ System requirements Download Contact support Recovery tools Product videos

AuthenticationServers > AuthenticationServer

April 11, 2024

ID 198904

Contains the LDAP connection settings parameters.

Path

GUISettings > AuthenticationServers > AuthenticationServer

Optional

The AuthenticationServer element is optional.

Attributes

This element has the following attributes.

AuthenticationServer element attributes

Attribute

Description

type

Specifies the type of server to connect.

Possible values: LDAP.

This attribute is mandatory.

enabled

Indicates whether the specified server must be used.

Possible values: true, false.

This attribute is mandatory.

Nested elements

This element is a container for the following nested elements:

  • ConnectionString

    Contains the connection parameters for the LDAP server.

    For more information about this element, see subsection "AuthenticationServer > ConnectionString" below.

  • DomainName

    The path to the database that contains the user accounts that can access Kaspersky CyberTrace.

    For more information about this element, see subsection "AuthenticationServer > DomainName" below.

  • AdministratorAccountsFilter

    Contains filtering rules for user accounts that must be assigned the Administrator role.

    The AdministratorAccountsFilter element must not contain the value that is specified in the AnalystAccountsFilter element.

    The AdministratorAccountsFilter element can be empty.

  • AnalystAccountsFilter

    Contains filtering rules for user accounts that must be assigned the Analyst role.

    The AnalystAccountsFilter element must not contain the value that is specified in the AdministratorAccountsFilter element.

    The AnalystAccountsFilter element can be empty. If the value is not specified, all user accounts that access Kaspersky CyberTrace will have the Analyst role.

    This element is mandatory.

AuthenticationServer > ConnectionString

IP address or FQDN (fully qualified domain name), and port of the LDAP server.

This element is mandatory and cannot be empty.

This element has the following attributes.

ConnectionString element attributes

Attribute

Description

use_encryption

Indicates whether to use an SSL/TLS or STARTTLS connection.

If an SSL/TLS connection is used, the value is ssl/tls.

If a STARTTLS connection is used, the value is starttls.

If no encryption protocol is used, the value is none.

connection_timeout

Specifies a response timeout from the LDAP server, in seconds.

The range of values for this attribute is from 1 to 60.

AuthenticationServer > DomainName

The path to the database that contains the user accounts that can access Kaspersky CyberTrace.

This element is mandatory and cannot be empty.

This element has the following attributes.

DomainName element attributes

Attribute

Description

use_principal_name

Indicates whether to use the User Principal Name (UPN) format.

Specify true, if you want to use UPN.

Otherwise, specify false. In this case, the SAM Account Name format is used.

Example

The following is an example of this element.

<AuthenticationServer type="LDAP" enabled="true">

<ConnectionString use_encryption="false" connection_timeout="20">ldap.example.com:389</ConnectionString>

<DomainName use_principal_name="true">dc=testing,dc=con</DomainName>

<AdministratorAccountsFilter>cn=theadministrator</AdministratorAccountsFilter>

<AnalystAccountsFilter>cn=users_an</AnalystAccountsFilter>

</AuthenticationServer>

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.