Using LDAP, we can fetch the groups & users associated with the respective servers.
Network Diagram
LDAP Setup
- Sign up for an AuthX account
- Navigate to the Applications tab
- Click Protect an application and select Protect for LDAP
- Provide your inputs for the Application Name, Description, Policies & Groups
- Download the LDAP exe file from here. You can see the status of the created LDAP application as ‘Waiting for Agent’
- Now log in to your Remote system
- Copy the downloaded LDAP exe file to the Remote system & install it
- Go to the Windows Start menu, search for AuthX AD Agent Config and select it
- Select ‘Yes’
- The AuthX configuration popup opens up
- Configure the following details from the LDAP application created in LDAP Setup → Step 5
  - Application ID
  - Application Key
  - Application URL (add ‘/’ at the end. For example: https://admin-xxxxxxxx.authx.com/)
- Save the configuration
- Now on the Portal → Applications, you can see the status of the created LDAP application as ‘Active’
- On the AuthX Portal, navigate to Directory Sync
- Scroll down to view the Open LDAP grid
- You can see the CERTIFYAUTH details.
- Click on Actions and select Sync
- You are redirected to the LDAP Groups page
- You can select the list of Groups to sync
- Select Sync Users and you can see a confirmation of LDAP users added.
- Now the synced users will show up in the Users table with On-Prem Source Type and in the Groups table with On-Prem Type.
AD Functions for LDAP users
Pre-Conditions
- Log in as Owner / Admin to the AuthX portal
- Go to Settings → Admin
- Enable the AD functions for Admin checkbox
- Enable the AD functions for Users checkbox
- Save it.
- Only when the above-mentioned checkboxes are enabled will the user / admin have access to AD functions
Admin Portal
The Admin can see the AD Functions option for Users only if AD functions for Admin is enabled in the Admin settings.
- Log in to the Admin portal
- Go to Users
- Select any ‘On-Prem’ source type user. On the top right corner, you can see AD Functions
- Click AD Functions and a popup opens up.
- Admin can update the following details for the respective user
  - Active / Inactive status update
  - Lock / Unlock update
  - Password expires
    - Now
    - Never
    - AD defined
  - Change password
  - Reset password
User Portal
You can see the AD functions option in the User portal only if AD functions for Users is enabled in the Admin settings.
- Log in to the User portal
- Go to AD functions
- User can update the following details for the respective user
  - Active / Inactive status update
  - Lock / Unlock update
  - Password expires
    - Now
    - Never
    - AD defined
  - Change password
  - Reset password