Start Here - idenprotect Active Directory Agent
Contents
Introduction
The idenprotect Active Directory Agent is a Spring-Boot microservice which can be deployed on-premise and provides an additional layer of security for communications between the idenprotect Core Platform and your Active Directory.
This in-depth guide will take you through the step-by-step process of downloading, installing and configuring the idenprotect Active Directory Agent. Each step links to an article about the specific part of the process you are on. Each of these articles has links to forward you on to the next step or to return you to a previous step.
How does the idenprotect Active Directory Agent Work?
To see how the idenprotect Active Directory Agent works and the sequence of events for synchronizing users, please see What is the idenprotect Active Directory Agent
Installing idenprotect Active Directory Agent
Pre-requisites
As the primary feature of the idenprotect Active Directory Agent is to perform the synchronization of users to the idenprotect Core Platform you will need to have a working and configured idenprotect Core Platform installation and should be familiar with LDAP Sync. If you need to do your installation first, please Start Here - idenprotect Core Platform, if you would like more information on LDAP Sync, please see LDAP Connection Configuration
Downloads
Visit the Downloads and Links page to download the latest idenprotect Active Directory Agent Version.
Installing with an RPM
All of our server applications are installed using RPM files. Please see our Installing with an RPM guide.
Verifying an installation
To verify that your RPM installation has been successful, please see Verifying an RPM installation
Upgrade an existing installation
To upgrade an existing RPM installation, please see Upgrading an RPM installation
Configuring idenprotect Active Directory Agent
If you have not made any configuration changes yet, please see How to make configuration changes
Webserver Configuration
WebSocket Configuration
To see how to configure the WebSocket connection (for both idenprotect Core Platform and idenprotect Active Directory Agent, please see WebSocket Configuration
LDAP Configuration
NOTE: If you have set the Should Send Settings property in WebSocket Configuration to false, any changes made in the idenprotect Core Platform configuration screens will NOT be sent out to the idenprotect Active Directory Agent. This is a perfectly acceptable configuration and your configuration will instead be affected by making changes to the ldap.properties file. However, where the following articles make reference to the ldap.properties file location on the server, you should instead be looking in /etc/idenprotect/adsync/ldap.properties
To see how to configure the LDAP Connection, please see LDAP Connection Configuration
To see how to configure the User Synchronization, please see LDAP User Sync Configuration
To see how to configure the Admin Synchronization, please see LDAP Admin Sync Configuration
Logging Configuration
To see how to configure logging for the idenprotect Active Directory Agent, please see Logging Configuration for idenprotect Active Directory Agent
Testing the idenprotect Active Directory Agent
To see how to test the idenprotect Active Directory Agent configuration, please see Testing idenprotect Active Directory Agent