You can set up Remediate to use Active Directory to authenticate users.
To configure Remediate to use your Active Directory server:
- In the main Remediate UI, click User admin on the navigation sidebar.
  The user admin login page is displayed.
- Log in with the user administration UI administrator username and password. For more information on setting the user administration UI admin user password, see Configuring Remediate.
- On the sidebar, click User Federation and select ldap from the drop-down list.
In the Required Settings area:
Select Active Directory from the vendor drop-down list.
Note: Some of the required parameters are automatically filled. These parameters can be changed if they are unsuitable.
Hover over the icon beside each field for more information about the required content for that field.
- Enter the Username LDAP Attribute.
Enter the RDN LDAP Attribute.
This is the attribute that defines the relative distinguished name of the typical user distinguished name. Usually, it is the same as the username attribute. However, you might also use cn for this attribute if you used sAMAccountName for the username attribute.
Enter the UUID LDAP attribute.
For Active Directory, this is usually
Enter values for all LDAP User Object Classes.
Values must be comma-separated, for example:
Enter the Connection URL of your LDAP
You can use the Test connection button to ensure that Remediate can connect to the server.
Enter the User DN.
This is the full distinguished name of the LDAP tree where your users are located. For example:
Select the Authentication Type. There are two
- None - anonymous LDAP authentication.
- Simple - Bind credential + Bind password authentication.
Enter the Bind DN field. This is the distinguished name of the LDAP admin account used to access the LDAP server. For example:
Enter the LDAP admin password in the Bind
You can use the Test authentication button to see if Remediate can access the LDAP server.
To configure the synchronization schedule between your LDAP or Active Directory server and Remediate:
- Enter the maximum number of users to be imported in any transaction in the Batch Size field. The default is 1000.
- If you want to set up a full synchronization, set Periodic Full Sync to ON, and enter a value in seconds in the Full Sync Period field. The default is 604800 seconds (every 7 days).
- If you want to synchronize only new and changed users, set Periodic Changed Users Sync to ON and enter a value in seconds in the Changed Users Sync Period field. The default is 86400 seconds (every 24 hours).
- When you are done, click Save.
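Before typing the values from the Required Settings area and the synchronization fields into the form, it can help to lint them offline. The following is an added example, not part of Remediate or its documentation: the dictionary keys are hypothetical labels for the fields described above, and every sample value is constructed (including the placeholder UUID attribute name).

```python
import re
from urllib.parse import urlparse

# Setting names below are hypothetical labels for the fields on this page.
ATTR = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^,\\])+$")

def is_dn(value):
    """Rough syntax check for a distinguished name (User DN, Bind DN)."""
    parts = re.split(r"(?<!\\),", value.strip())  # split on unescaped commas
    return all(RDN.match(p.strip()) for p in parts)

def check_settings(s):
    """Return a list of findings; an empty list means nothing was flagged."""
    out = []
    for key in ("username_attr", "rdn_attr", "uuid_attr"):
        if not ATTR.match(s.get(key, "")):
            out.append(f"{key}: not a valid LDAP attribute name")
    classes = s.get("object_classes", "").split(",")
    if not all(ATTR.match(c.strip()) for c in classes):
        out.append("object_classes: must be comma-separated class names")
    url = urlparse(s.get("connection_url", ""))
    auth = s.get("auth_type")
    if url.scheme not in ("ldap", "ldaps") or not url.hostname:
        out.append("connection_url: expected ldap:// or ldaps:// with a host")
    elif url.scheme == "ldap" and auth == "simple":
        out.append("connection_url: simple bind over ldap:// sends the bind "
                   "password unencrypted unless StartTLS is used")
    if not is_dn(s.get("users_dn", "")):
        out.append("users_dn: not a well-formed distinguished name")
    if auth == "none":
        out.append("auth_type: anonymous bind, directory reads are unauthenticated")
    elif auth == "simple":
        if not is_dn(s.get("bind_dn", "")):
            out.append("bind_dn: not a well-formed distinguished name")
        if not s.get("bind_password"):
            out.append("bind_password: required for simple authentication")
    else:
        out.append("auth_type: must be 'none' or 'simple'")
    for key in ("batch_size", "full_sync_period", "changed_sync_period"):
        v = s.get(key)  # sync periods may be absent when that sync is OFF
        if v is not None and (not isinstance(v, int) or v <= 0):
            out.append(f"{key}: must be a positive integer")
    return out

# Constructed sample values, not taken from the product documentation.
SAMPLE = {"username_attr": "sAMAccountName", "rdn_attr": "cn", "uuid_attr": "exampleUuidAttr",
          "object_classes": "person, organizationalPerson", "auth_type": "simple",
          "connection_url": "ldaps://dc01.example.com:636", "users_dn": "OU=Users,DC=example,DC=com",
          "bind_dn": "CN=svc-remediate,OU=Service,DC=example,DC=com", "bind_password": "constructed",
          "batch_size": 1000, "full_sync_period": 604800, "changed_sync_period": 86400}
```

An empty result from `check_settings(SAMPLE)` only means the values are well-formed; the Test connection and Test authentication buttons remain the check that the server actually accepts them.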