LDAP RESPONSE INTEGRATION

Overview

 

LDAP is a protocol used to access and manage directory information services, such as user accounts, email addresses, and other network resources. An LDAP connection allows an LDAP client to communicate with an LDAP server to retrieve or modify information stored in the directory.

Prerequisites

  • All Logsign versions support this integration.

Configure On LDAP

  • By connecting to the Ldap / AD server via Logsign, we can enrich the all logs with user attributes as automatically from Ldap / AD Server (such as Department Names, Display Names, Mobile Phones).
  • To establish an LDAP connection, an LDAP client sends an LDAP request to the LDAP server using a specific port number (default is 389 for LDAP and 636 for LDAP over SSL). The server then responds to the request by providing the requested information or by indicating that the requested information is not available.
  • LDAP connections can be secured by using SSL/TLS encryption to protect the data being transmitted between the client and server. LDAP connections can also be authenticated using various mechanisms, such as simple authentication or bind authentication, to ensure that only authorized users can access the directory information.
  • You can follow the notes on the need-to-know settings below and navigate accordingly.
  • BaseDN : BaseDN (base distinguished name) is an important concept in LDAP (Lightweight Directory Access Protocol) that defines the starting point for a search within a directory. It specifies the top-most point in the directory tree where the LDAP search should begin.
  • Port : Default is 389 for LDAP and 636 for LDAP over SSL.

 

 

 

Configure On Logsign

Forwarding settings are completed as follows:

 

  1. Click Settings > Integrations > Responses.
  2. In the ‘Search’ part, write LDAP.
  3. Click ‘Configure’ and then click ‘+Device’.

 

  1. Define the settings as follows:
  • Device Name: Define the Device Name.
  • BaseDN: Define the BaseDN.
  • Password: Define the password.
  • Server: Define the server address.
  • Port: Define the port.
  • UserName: Define the username.
  1. Click Test and then Create to save the changes.

Methods

SEARCH-USERS

 

  • Device:  Select the configuration you have configured.
  • Class: Define the users' object class.
  • Name: Define the users you want to search.











ADD-USER-TO-GROUP

 

 

  • Device:  Select the configuration you have configured.
  • Username: Define the user you want to add.
  • Group Name: Define the users' group name.



















REMOVE-USER-FROM-GROUP

 

 

  • Device:  Select the configuration you have configured.
  • Username: Define the user you want to remove.
  • Group Name: Define the users' group name.











DISABLE

 

  • Username: Define the user you want to disable.

 

ENABLE

 

  • Username: Define the user you want to enable.




RESET-PASSWORD

 

Username: Define the user whose password was reset.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

See more
Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.