Apply a CERTFR_AD analysis to an Active Directory asset

The purpose of this documentation is to provide a step-by-step procedure to apply a compliance analysis based on the CERTFR_AD requirements for an Active Directory environment. This page also contains references to more general documentation parts.

Configure an LDAP directory

The first step is the configuration of an LDAP directory:

You will be prompted to fill in several fields:

  • In the “Type” field, select LDAP / Active Directory (Discoveries part).
  • Fill in the name of the credential set.
  • Specify the URL of the domain controller, for example: ldap://<IP_ADDRESS> or ldaps://<IP_ADDRESS>.
  • Specify the username using the LDAP format: CN=Your user,CN=Users,DC=example,DC=com
  • Type the user’s password.
  • Fill in the remaining fields if needed and confirm.

Creation of an Active Directory asset

The second step is to create a Cloud asset:

You will be prompted to fill in several fields:

  • Enter a name for the new asset.
  • Specify the set of credentials previously created.
  • Specify the LDAP base of the Active Directory, for example: DC=myldap,DC=domain,DC=com.
  • Confirm.

Associate a CERTFR_AD repository to the Active Directory

The third and last step is to add the CERTFR_AD repository to the newly created asset:

  • Go to Inventory.
  • If too many assets are displayed, it is possible to use the filters by clicking on Cloud in Category.
  • Select the Active Directory asset by checking the box next to its name.
  • Click on the Bulk actions button, then on Add repositories.
  • In the displayed list, select the CERTFR_AD repository that is available by default.
  • Save.

The compliance analysis will automatically start.

Analysis results

To view the results of the compliance analysis, simply go to the asset’s page that you can find in Inventory. The results will be displayed in detail in the “Compliance” tab.