Active Directory Asset Discovery
This guide shows how to connect to an Active Directory, retrieve users, workstations and servers from it, and then use Asset Update to store them in the Asset A-Ops application.
Requirements
- Asset Integration
- Active Directory Integration
Steps
- Add AD Asset Discovery trigger object to the flow
- Edit the trigger, name it and define its schedule, e.g. 60s
- Configure the Connection Details: username, password, Domain Name, Server, and whether ldap or ldaps is used
- Edit the Main tab, adding the Search Base, Search Filter, Search Period, and Search Period units
Search Base:
dc=example,dc=local
Search Filter for retrieving User objects:
(&(objectClass=user)(objectCategory=person))
or
Search Filter for retrieving Computer objects:
(&(objectClass=computer))
- Add an Action containing a logic statement that checks which type of asset was retrieved
If Server Operating System
if "cn=users" in data[event][dn]
or
If Server Operating System
if "server" in lower(data[event][operatingSystem]) and "cn=users" not in data[event][dn]
- For Computer-related objects, the next step depends on the logic output: if the result is False, connect an Asset Update to create/update workstation Assets; if the result is True, use an Asset Update object to create/update Server assets.
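The two logic statements above, written out as an added Python example (not part of the original guide or the product's own code). It assumes each result is a dictionary shaped like data[event]; the function names, the `searched` parameter and the sample entries are hypothetical, and it goes one step beyond the guide's substring test by comparing whole DN components case-insensitively.

```python
import re

# Split a DN on commas that are not preceded by a backslash (escaped commas stay in the RDN).
_RDN_SPLIT = re.compile(r"(?<!\\),")

def dn_components(dn):
    """Return the DN's RDNs lower-cased, e.g. ['cn=ws-042', 'cn=computers', 'dc=example', 'dc=local']."""
    return [part.strip().lower() for part in _RDN_SPLIT.split(dn)]

def in_users_container(dn):
    # Compare whole RDNs below the leaf, case-insensitively: AD returns "CN=Users",
    # and a host named "CN=Users-Kiosk" must not count as being inside CN=Users.
    return "cn=users" in dn_components(dn)[1:]

def asset_type(event, searched):
    """Classify one result. `searched` (hypothetical) is 'user' or 'computer':
    which of the guide's two Search Filters produced the event."""
    dn = event.get("dn", "")
    if searched == "user":
        # The guide gives no branch for users outside CN=Users, so return None.
        return "user" if in_users_container(dn) else None
    # Pre-staged computer accounts may have no operatingSystem attribute at all.
    os_name = (event.get("operatingSystem") or "").lower()
    if "server" in os_name and not in_users_container(dn):
        return "server"       # logic True  -> Server asset update
    return "workstation"      # logic False -> workstation asset update

# Constructed sample events (not real directory data).
SAMPLE_COMPUTERS = [
    {"dn": "CN=DC01,OU=Domain Controllers,DC=example,DC=local",
     "operatingSystem": "Windows Server 2019 Standard"},
    {"dn": "CN=WS-042,CN=Computers,DC=example,DC=local",
     "operatingSystem": "Windows 10 Enterprise"},
    {"dn": "CN=Users-Kiosk,OU=Lobby,DC=example,DC=local",
     "operatingSystem": "Windows 11 Pro"},
    {"dn": "CN=PRESTAGED01,CN=Computers,DC=example,DC=local"},
]
SAMPLE_USERS = [
    {"dn": "CN=Smith\\, Bob,CN=Users,DC=example,DC=local"},
    {"dn": "CN=Alice,OU=Staff,DC=example,DC=local"},
]

if __name__ == "__main__":
    for ev in SAMPLE_COMPUTERS:
        print(asset_type(ev, "computer"), ev["dn"])
    for ev in SAMPLE_USERS:
        print(asset_type(ev, "user"), ev["dn"])
```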
All above steps can be viewed below.