Synchronize data from an on-premises Active Directory server through a Service Gateway.
Configuring Data Synchronization and User Access Control allows your Active Directory
servers to share data with Trend Vision One and enables certain features and apps to perform actions
on users listed in your servers.
Procedure
- Go to .
- Use the toggle to enable or disable the integration.
- In the Data Synchronization & User Access Control tab, configure object sharing criteria.
  - Sync Frequency: The frequency at which data is shared.
- Configure the connection between the Service Gateway and your Active Directory server.
  - Click Connect Active Directory Server.
  - Under Service Gateway Connection, select your service gateway.
  - Under Domain information, configure the following settings.
    - Server type: The type of Active Directory server you want to connect to. Available options:
      - Microsoft Active Directory
      - Microsoft Active Directory Global Catalog
        Important: This server type does not support the following features:
        - User access control (All apps)
        - NTLM Single Sign-On for Internet Access (Zero Trust Secure Access)
        This server type partially supports the following features:
        - Risk Overview (Attack Surface Risk Management)
        For full support, select Microsoft Active Directory.
    - Server address: The IP address or public FQDN of the Active Directory server.
    - Encryption: The protocol used to protect data during communication between the Service Gateway and the Active Directory server. Available options:
      - NONE
      - SSL
      - STARTTLS
    - Port: The network port number used for communication with the Active Directory server.
    - Base distinguished name: The starting point in the Active Directory hierarchy from which Trend Vision One syncs data. Available options:
      - Default
      - Specific
  - Under Permission settings, configure the following settings.
    - Permission scope: The permissions granted in Active Directory to Trend Vision One. Available options:
      - Read: Allows you to sync Active Directory data, such as user lists and group memberships.
      - Read & Write: Allows you to sync Active Directory data and perform user access control response actions, such as disabling user accounts and forcing password reset.
    - User name: The user name of your Active Directory server.
    - Password: The password associated with the user account.
  - (Optional) Click Test Connection to verify if the settings are valid.
  - Click Connect.
- Repeat the previous step to add multiple connection configurations for this integration.
- Click Save.
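
The Encryption and Port settings above can be checked independently before any bind credentials are entered. The following Python sketch is an added example, not part of the Trend Vision One documentation or product: run from a host on the same network path as the Service Gateway, it confirms that the server accepts the chosen mode (SSL or STARTTLS) and presents a certificate that passes chain and hostname validation. The function names are hypothetical, and the host and port are whatever you plan to enter in the console.

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAP StartTLS extended operation (RFC 4511)

def starttls_request(msg_id=1):
    """BER-encode an LDAP ExtendedRequest asking the server to start TLS."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    op = b"\x77" + bytes([len(name)]) + name                    # [APPLICATION 23]
    body = b"\x02\x01" + bytes([msg_id]) + op                   # messageID + op
    return b"\x30" + bytes([len(body)]) + body                  # LDAPMessage SEQUENCE

def _tlv(buf, pos):
    """Return (tag, value_start, value_end); accepts short and long-form lengths."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:                     # long form: low 7 bits = number of length bytes
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, pos, pos + length

def extended_result_code(resp):
    """Extract resultCode from an LDAP ExtendedResponse (0 means success)."""
    tag, start, _ = _tlv(resp, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = _tlv(resp, start)        # skip messageID
    tag, start, _ = _tlv(resp, pos)
    if tag != 0x78:                      # [APPLICATION 24] ExtendedResponse
        raise ValueError("not an ExtendedResponse")
    tag, s, e = _tlv(resp, start)
    if tag != 0x0A:                      # ENUMERATED resultCode
        raise ValueError("resultCode missing")
    return int.from_bytes(resp[s:e], "big")

def probe(host, encryption, port, timeout=5.0):
    """Return the negotiated TLS version, or None when encryption is 'NONE'."""
    if encryption == "NONE":
        return None                      # nothing protects the bind password in transit
    ctx = ssl.create_default_context()   # verifies chain and hostname
    with socket.create_connection((host, port), timeout=timeout) as raw:
        if encryption == "STARTTLS":
            raw.sendall(starttls_request())
            # The reply is small; a single recv is assumed to return it whole.
            if extended_result_code(raw.recv(4096)) != 0:
                raise ConnectionError("server refused StartTLS")
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version()
```

An `ssl.SSLCertVerificationError` from `probe` means the certificate is not trusted by, or does not match the name used on, the host running the check.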