Active Directory Integration
Following the setup of both the Orchestrator and Orchestration Manager, the final step is to configure the Orchestrator to be able to receive and parse messages. Orchestrator must be informed which LDAP to use and which attribute within the LDAP it must use to get the SafeTitan username. This is typically the user's email, which is the mail attribute, but can be any attribute supported by LDAP.
Navigate to the SafeTitan portal and select the Edit
icon beside the Orchestrator you want to edit. The Edit Orchestrator window will appear.In this step, you'll need to enter the AD Identifier. Note that if users are synchronized to the system using Mail, then the AD Identifier must be Mail. If they are synchronized using UPN, then the AD Identifier entered must be Username.
As a reference, you can refer to the list of mappings between the Active Directory labeled fields and the LDAP attributes, as shown below.
Label in AD
LDAP Attribute
First Name
givenName
Middle Name/Initials
initials
Last Name
sn
Logon Name
userPrincipalName
Logon Name (Pre Windows 2000)
sAMAccountName
Display Name
displayName
Full Name
name/cn
Description
description
Office
physicalDeliveryOfficeName
Telephone Number
telephoneNumber
Email
mail
Web Page
wWWHomePage
Password
password
Street
streetAddress
PO Box
postOfficeBox
City
I
State/Province
st
Zip/Postal Code
postalCode
Country
co
Country 2 Digit Code, for example, US
c
Country code, for example, 840 (US Country code)
countryCode
Group
memberOf
Account Expires (use same date format as server)
accountExpires
User Account Control
userAccountControl
User Photo
thumbnailPhoto/exhangePhoto (supports high resolution photo) /jpegPhoto/ photo / thumbnailLogo
Profile Path
profilePath
Login Script
scriptPath
Home Folder
homeDirectory
Home Drive
homeDrive
Log on to
userWorkstations
Home
homePhone
Pager
pager
Mobile
mobile
Fax
facsimileTelephoneNumber
IP Phone
ipPhone
Notes
info
Title
title
Department
department
Company
company
Manager
manager
Mail Alias
mailNickName
Simple Display Name
displayNamePrintable
Hide from Exchange address lists
msExchHideFromAddressLists
Sending Message Size (KB)
submissionContLength
Receiving Message Size (KB)
delivContLength
Accept messages from Authenticated Users only
msExchRequireAuthToSendTo
Reject Messages From
unauthOrig
Accept Messages From
authOrig
Send on Behalf
publicDelegates
Forward To
altRecipient
Deliver and Redirect
deliverAndRedirect
Use mailbox store defaults
mDBuseDefaults
Outlook Mobile Access
msExchOmaAdminWirelessEnable
Outlook Web Access
protocolSettings
Allow Terminal Server Logon
tsAllowLogon
Terminal Services Profile Path
tsProfilePath
Terminal Services Home Directory
tsHomeDir
Terminal Services Home Drive
tsHomeDirDrive
Start the following program at logon
tsInheritInitialProgram
Starting Program file name
tsIntialProgram
Start in
tsWorkingDir
Connect client drive at logon
tsDeviceClientDrives
Connect client printer at logon
tsDeviceClientPrinters
Default to main client printer
tsDeviceClientDefaultPrinter
End disconnected session
tsTimeOutSettingsDisConnections
Active Session limit
tsTimeOutSettingsConnections
Idle session limit
tsTimeOutSettingsIdle
When session limit reached or connection broken
tsBrokenTimeOutSettings
Allow reconnection
tsReConnectSettings
Remote Control
tsShadowSettings
Protect accidental deletion
preventDeletion
Manager can update members
managerCanUpdateMembers
Primary Group ID
primaryGroupID
Administrative Group
msExchAdminGroup
Exchange Server Name
msExchHomeServerName
Managed By
managedBy
Target Address
targetAddress
Once you have entered the value for AD Identifier, select Save, which concludes the Orchestrator and Orchestration Manager setup process.
Next, refer to the Integration documentation for help integrating your chosen SIEM/Network monitoring application.