Apply a CERTFR_AD analysis to an Active Directory asset
The purpose of this documentation is to provide a step-by-step procedure to apply a compliance analysis based on the CERTFR_AD requirements for an Active Directory environment. This page also contains references to more general documentation parts.
Configure an LDAP directory
The first step is the configuration of an LDAP directory:
- Go to Settings/Stored credentials
- Click on the
Add
button
You will be prompted to fill in several fields:
- In the “Type” field, select
LDAP / Active Directory
(Discoveries
part) - Fill in the name of the credential set
- Specify the URL of the domain controller, for example:
ldap://<IP_ADDRESS>
orldaps://<IP_ADDRESS>
- Specify the username using the LDAP format:
CN=Your user,CN=Users,DC=example,DC=com
- Type the user’s password
- Fill in the remaining fields if needed and confirm
Creation of an Active Directory asset
The second step is to create a Cloud asset:
- Go to Assets Management/Cloud
- Click on the
Add
button and chooseActive Directory
You will be prompted to fill in several fields:
- Enter a name for the new asset
- Specify the set of credentials previously created
- Specify the LDAP base of the Active Directory, for example:
DC=myldap,DC=domain,DC=com
- Confirm
Associate a CERTFR_AD repository to the Active Directory
The third and last step is to add the CERTFR_AD repository to the newly created asset:
- Go to Inventory
- If too many assets are displayed, it is possible to use the filters by clicking on
Cloud
inCategory
- Select the Active Directory asset by checking the box next to its name
- Click on the
Bulk actions
button, then onAdd repositories
- In the displayed list, select the
CERTFR_AD
repository that is available by default - Save
The compliance analysis will automatically start.
Analysis results
To view the results of the compliance analysis, simply go to the asset’s page that you can find in Inventory. The results will be displayed in detail in the “Compliance” tab.