Set Up LDAP Server

If you are adding an LDAP server for the first time, then the ADD CONTEXT SOURCE page displays when you reach the CONTEXT MANAGEMENT settings page. Otherwise, a list of LDAP Server appears, click Add Context Source to add more.

Select a Source Type:

Site Collector
Microsoft Active Directory
NetIQ eDirectory
Microsoft Azure Active Directory

The add/edit CONTEXT MANAGEMENT page displays the fields necessary to query and pull context information from your LDAP server(s), depending on the source chosen.

For Site Collector:

LDAP Agent — This collector will be responsible for context collection.
- Click the icon to refresh the list of available Site Collectors and their LDAP agents.
- Click + Create a new site collector to open an instance of Site Collector to create a new one. For more information on creating Site Collectors, see the Site Collector Administration Guide.

For Microsoft Active Directory:

Primary IP Address or Hostname – Enter the LDAP IP address or hostname for the primary server of the given server type.
Note
For context retrieval in Microsoft Active Directory environments, we recommend pointing to a Global Catalog server. To list Global Catalog servers, enter the following command in a Windows command prompt window: nslookup -querytype=srv gc.tcp.acme.local. Replace acme.local with your company's domain name.
Secondary IP Address or Hostname – If the primary LDAP server is unavailable, Exabeam falls back to the secondary LDAP server if configured.
TCP Port – Enter the TCP port of the LDAP server. Optionally, select Enable SSL (LDAPS) and/or Global Catalog to auto-populate the TCP port information accordingly.
Bind DN – Enter the bind domain name, or leave blank for anonymous bind.
Bind Password – Enter the bind password, if applicable.
LDAP attributes for Account Name – This field auto-populated with the value sAMAccountName. Please modify the value if your AD deployment uses a different value.

For NetIQ eDirectory:

Primary IP Address or Hostname – Enter the LDAP IP address or hostname for the primary server of the given server type.
Secondary IP Address or Hostname – If the primary LDAP server is unavailable, Exabeam falls back to the secondary LDAP server if configured.
TCP Port – Enter the TCP port of the LDAP server. Optionally, select Enable SSL (LDAPS) and/or Global Catalog to auto-populate the TCP port information accordingly.
Bind DN – Enter the bind domain name, or leave blank for anonymous bind.
Bind Password – Enter the bind password, if applicable.
Base DN – .
LDAP Attributes – The list of all attributes to be queried by the Exabeam Directory Service (EDS) component is required. When testing the connection to the eDirectory server, EDS will collect from the server a list of the available attributes and display that list as a drop down menu. Select the name of the attribute from that list or provide a name of your own. Only names for the LDAP attributes you want EDS to poll are required (i.e., not necessarily the full list). Additionally, EDS does not support other types of attributes, therefore you cannot add “new attributes” on the list below.

For Microsoft Azure Active Directory:

Application Client ID — In App Registration in Azure Active Directory, select the application and copy the Application ID in the Overview tab.
Application Client Secret — In App Registration in Azure Active Directory, select the application and click on Certificates & Secrets to view or create a new client secret.
Tenant ID — In App Registration in Azure Active Directory, select the application and copy the Tenant ID in the Overview tab.

Click Validate Connection to test the LDAP settings.

Note

If you selected Global Catalog for either Microsoft Active Directory or NetIQ eDirectory, this button displays as Connect & Get Domains.

Click Save to save your context source,

Cloud-delivered Advanced AnalyticsExabeam Advanced Analytics Administration Guide

Table of ContentsTable of Contents