Submit a ticketCall us

Looking to compare latest NPM features with previous versions of NPM?
The NPM new feature summary offers a comparison of new features and improvements offered with this release.

 

Home > Success Center > Log & Event Manager (LEM) > SolarWinds LEM 6.3 User Guide > Advanced LEM configurations > Set up Active Directory authentication in LEM 6.3.0 and older

Set up Active Directory authentication in LEM 6.3.0 and older

These steps apply to LEM version 6.3.0 and older. To configure newer versions of LEM (version 6.3.1 and above), see Set up Active Directory authentication in LEM

Complete the steps in this section to allow users to log in to LEM with their Active Directory credentials.

Configure the Directory Service Query connector

Before you begin, gather the following:

  • Either the IP address or fully-qualified domain name (FQDN) of the Active Directory server.
  • The domain credentials for an account that the Directory Service Query connector can use.

To get directory server details, open a Windows command prompt on a computer on the correct network and type nslookup.

  1. Log in to the LEM console as an administrator.
  2. Access the targeted LEM Manager.
  3. Click Manage > Appliances.
  4. Click the gear icon next to your LEM manager and select Connectors.
  5. Enter Directory Service Query in the search box on the Refine Results pane.
  6. Click the gear icon next to the master connector on the right, and select New.
  7. Complete the Directory Service Query connector form:

    1. In the Domain Name field, enter the fully-qualified domain name for your directory service server using lowercase characters.

      For example, solarwinds.com.

    2. In the Directory Service Server field, enter the IP address or hostname of your directory service server.

      SolarWinds recommends using the IP address to avoid possible DNS issues. The LEM network configurations (netconfig) allow for setting or changing the DNS server to resolve the host.

    3. Enter the domain credentials for a user account that the connector can use.

      SolarWinds recommends using a service account with a non-expiring password, otherwise you will have to manually update the connector every time the password expires. This account does not need elevated privileges. When entering domain credentials, provide only the user name.

    4. Enter the domain credentials for a user account that the connector can use.

      SolarWinds recommends using a service account with a non-expiring password, otherwise you must manually update the connector every time the password expires. This account does not need elevated privileges. When entering domain credentials, provide only the user name.

  8. When finished, click Save.
  9. Locate the new instance of the connector. The gray icon in the Status column indicates that the connector is not running.
  10. Click the gear icon next to the new connector and select Start. A green icon in the Status column indicates that the connector is running.

A green icon in the Status column indicates that the connector is running and the Test Domain Connection button can be used to test your settings. This operation displays its results as an alert in the SolarWinds Alerts filter. It does not display a pop-up message.

Import your Active Directory organizational groups into LEM

Complete these steps to import your directory service groups into LEM Manager and start the group synchronization process. The synchronization process runs every five minutes as long as the connector is running.

Before you begin, the Directory Service Query connector must be configured on LEM Manager.

  1. Log in to the LEM Console.
  2. Click Build > Groups.
  3. Click the plus button in the upper right corner and select Directory Service Group.
  4. In the details pane at the bottom of the LEM Console window, select a group category from the folder tree on the left to populate the Available Groups pane on the right.
  5. Check the boxes next to the groups you want to import into LEM Manager.
  6. Repeat Steps 4 and 5 until you have selected all of the groups you want to import.
  7. Click Save.

Import an Active Directory user and assign the user LEM login rights

  1. Log in to the LEM Console.
  2. Click Build > Users.
  3. Click + and select Import LEM User.
    The Import Users dialog opens.
  4. Complete the form to select the user to be given LEM console login rights.

    • LEM Groups – Choose All to search for a user across all security groups, or choose a specific security group to limit your search to just that group.
    • Search User – Type a portion of the user name to search for. You must type at least three letters.
    • Search – Click search to get a list of users that meet the search criteria. Search will not return more than 10 users.
    • Available Users – Select one or more users to import from the search results.
    • Selected Users – Click the green arrow to move users from the Available Users list to the Selected Users list.
  5. Click Import.

    The system adds the user to the Users view list.

  6. In the Users list, select the user and verify that the user's email address appears in the Contact Information box.

    If the email address is missing, Active Directory is not configured to supply this information and you will not be able to send email notifications to this user. You can create the email address or add it to a local user when rules fire.

Last modified
15:59, 13 Feb 2017

Tags

This page has no custom tags.

Classifications

Public