Active Directory Asset Discovery

In this guide we will showcase how to connect to an Active Directory and retrieve users, workstations, and servers from it, then use Asset Update to store them within the Asset A-Ops application.

Download template

Requirements

  • Asset Integration
  • Active Directory Integration

Steps

  1. Add AD Asset Discovery trigger object to the flow
  2. Edit the trigger, name it, and define its schedule, e.g. 60s
  3. Configure the Connection Details: username, password, Domain Name, Server, and whether ldap or ldaps is used
  4. Edit the Main tab, adding the Search Base, Search Filter, Search Period, and Search Period units
Search Base:
dc=example,dc=local
Search Filter for retrieving User objects:
(&(objectClass=user)(objectCategory=person))

or

Search Filter for retrieving Computer objects:
(&(objectClass=computer))
  5. Add an Action containing a logic statement to ensure that the correct type of asset is being retrieved
If Server Operating System
if "cn=users" in data[event][dn]

or

If Server Operating System
if "server" in lower(data[event][operatingSystem]) and "cn=users" not in data[event][dn]
  6. Depending on the logic output for Computer-related objects: if the result is False, an Asset Update is connected to create/update Workstation assets; if the result is True, an Asset Update object is used to create/update Server assets.
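The two logic statements above can be checked offline before wiring the flow. The following is an added example, not part of the product or its template: it mirrors the `cn=users` and `operatingSystem` checks in plain Python, but matches `cn=users` as a whole DN component and case-insensitively, so a host named `Users-Kiosk` or a DN returned as `CN=Users` is not misrouted. The entries are constructed, and `rdns`, `in_users_container`, `is_server` and `route` are hypothetical helper names.

```python
import re

# Constructed sample entries carrying only the attributes the logic reads
# (dn, operatingSystem); none of these come from a real directory.
SAMPLE_ENTRIES = [
    {"dn": "CN=Jane Doe,CN=Users,DC=example,DC=local"},
    {"dn": "CN=SRV-DB01,OU=Servers,DC=example,DC=local",
     "operatingSystem": "Windows Server 2019 Standard"},
    {"dn": "CN=WS-0042,CN=Computers,DC=example,DC=local",
     "operatingSystem": "Windows 10 Enterprise"},
    # Edge cases: an object whose own name starts with "Users",
    # and a computer object with no operatingSystem attribute.
    {"dn": "CN=Users-Kiosk,OU=Workstations,DC=example,DC=local",
     "operatingSystem": "Windows 11 Pro"},
    {"dn": "CN=OLD-HOST,CN=Computers,DC=example,DC=local"},
]

def rdns(dn):
    """Split a DN on unescaped commas; return lower-cased 'attr=value' parts.
    Simplified: an escaped backslash directly before a comma is not handled."""
    out = []
    for part in re.split(r"(?<!\\),", dn):
        attr, _, value = part.partition("=")
        out.append(f"{attr.strip()}={value.strip()}".lower())
    return out

def in_users_container(entry):
    """User-flow check: a parent component (not the object's own RDN) is CN=Users."""
    return "cn=users" in rdns(entry["dn"])[1:]

def is_server(entry):
    """Computer-flow check: True -> Server asset, False -> Workstation asset."""
    os_name = (entry.get("operatingSystem") or "").lower()  # attribute may be absent
    return "server" in os_name and not in_users_container(entry)

def route(entry):
    """Hypothetical helper: combine both checks to name the Asset Update branch."""
    if in_users_container(entry):
        return "user"
    return "server" if is_server(entry) else "workstation"

if __name__ == "__main__":
    for e in SAMPLE_ENTRIES:
        print(f"{route(e):12} {e['dn']}")
```

Running the same entries through a plain substring test shows the difference: `"cn=users" in dn.lower()` is true for `CN=Users-Kiosk`, while the component match is not.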

All above steps can be viewed below.

Preview