Synchronize data from an on-premises Active Directory server through a Service Gateway.

Configuring Data Synchronization and User Access Control allows your Active Directory servers to share data with Trend Vision One and enables certain features and apps to perform actions on users listed in your servers.

Procedure

  1. Go to Workflow and Automation > Third-Party Integration > Active Directory (on-premises).
  2. Use the toggle to enable or disable the integration.
  3. In the Data Synchronization & User Access Control tab, configure object sharing criteria.
    Sync Frequency: The frequency at which data is shared.
  4. Configure the connection between the Service Gateway and your Active Directory server.
    1. Click Connect Active Directory Server.
    2. Under Service Gateway Connection, select your service gateway.
    3. Under Domain information, configure the following settings.
      Server type: The type of Active Directory server you want to connect to.
        Available options:
        • Microsoft Active Directory
        • Microsoft Active Directory Global Catalog
          Important
          This server type does not support the following features:
          • User access control (All apps)
          • NTLM Single Sign-On for Internet Access (Zero Trust Secure Access)
          This server type partially supports the following features:
          • Risk Overview (Attack Surface Risk Management)
          For full support, select Microsoft Active Directory.
      Server address: The IP address or public FQDN of the Active Directory server.
      Encryption: The protocol used to protect data during communication between the Service Gateway and the Active Directory server.
        Available options:
        • NONE
        • SSL
        • STARTTLS
      Port: The network port number used for communication with the Active Directory server.
      Base distinguished name: The starting point in the Active Directory hierarchy from which Trend Vision One syncs data.
        Available options:
        • Default
        • Specific
    4. Under Permission settings, configure the following settings.
      Permission scope: The permissions granted in Active Directory to Trend Vision One.
        Available options:
        • Read: Allows you to sync Active Directory data, such as user lists and group memberships.
        • Read & Write: Allows you to sync Active Directory data and perform user access control response actions, such as disabling user accounts and forcing password reset.
      User name: The user name of your Active Directory server.
      Password: The password associated with the user account.
    5. (Optional) Click Test Connection to verify if the settings are valid.
    6. Click Connect.
  5. Repeat the previous step to add multiple connection configurations for this integration.
  6. Click Save.
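
The settings in step 4 interact: each encryption option conventionally goes with a port, and the Global Catalog server type cannot use the Read & Write scope. The following pre-flight check is an added example, not Trend Micro code; the `PlannedConnection` record, the finding codes, and the assumption that your servers listen on the conventional LDAP ports (389, 636, 3268, 3269) are illustrative.

```python
from dataclasses import dataclass

AD = "Microsoft Active Directory"
GC = "Microsoft Active Directory Global Catalog"
# Conventional LDAP ports (assumption: your servers use the defaults).
DEFAULT_PORTS = {(AD, "NONE"): 389, (AD, "STARTTLS"): 389, (AD, "SSL"): 636,
                 (GC, "NONE"): 3268, (GC, "STARTTLS"): 3268, (GC, "SSL"): 3269}

@dataclass
class PlannedConnection:          # hypothetical record of the form's fields
    server_type: str
    encryption: str
    port: int
    permission_scope: str         # "Read" or "Read & Write"
    wants_response_actions: bool  # do you intend to disable accounts / force resets?

def review(conn):
    """Return a list of finding codes for one planned connection."""
    key = (conn.server_type, conn.encryption)
    if key not in DEFAULT_PORTS:
        return ["UNKNOWN_OPTION"]
    findings = []
    if conn.encryption == "NONE":
        # No TLS between the Service Gateway and the directory server.
        findings.append("NO_TRANSPORT_ENCRYPTION")
    if conn.port != DEFAULT_PORTS[key]:
        # e.g. SSL selected but port 389 entered; confirm before saving.
        findings.append("PORT_DOES_NOT_MATCH_ENCRYPTION")
    write = conn.permission_scope == "Read & Write"
    if conn.server_type == GC and (write or conn.wants_response_actions):
        # Per the table above: Global Catalog does not support user access control.
        findings.append("GC_CANNOT_USE_WRITE_SCOPE")
    elif write and not conn.wants_response_actions:
        findings.append("WRITE_SCOPE_NOT_NEEDED")   # least privilege: choose Read
    elif conn.wants_response_actions and not write:
        findings.append("RESPONSE_ACTIONS_NEED_WRITE")
    return findings

# Constructed sample plans, not taken from any real environment.
SAMPLES = {
    "dc-sync-only": PlannedConnection(AD, "SSL", 636, "Read", False),
    "dc-cleartext": PlannedConnection(AD, "NONE", 636, "Read & Write", False),
    "gc-with-write": PlannedConnection(GC, "STARTTLS", 3268, "Read & Write", True),
}

if __name__ == "__main__":
    for name, plan in SAMPLES.items():
        print(name, review(plan) or "ok")
```

A port finding is a prompt to confirm the value with the directory administrator, since a server can be configured to listen on a non-default port.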