How do I configure AD/LDAP authentication?


SUMMARY

Jul 06, 2015

To configure the LDAP settings you need to:

  • add the user account to the Snare Server

  • add the LDAP server details in the wizard settings: the server IP/DNS name and the domain it belongs to.

When you log in to the Snare Server, use your domain login, i.e. username@mydomain, followed by your domain password. The password is validated against the AD password details.

Privilege levels in Snare Server are controlled from the Snare Server user access area. If the user is an administrator, the account needs to be in that group; if not, do not give it administrator access, or assign it to a custom group you create.

NOTE: An FQDN is required for the domain controller, not the IP address, because the name is used as part of the certificate matching for the SSL connection. The Snare Server has to point to a DNS server that can resolve this FQDN.
To validate the name, SSH into the server or use the hardware console and run nslookup against it. If the lookup fails, change your DNS server settings to use a DNS server that can resolve the name.
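
The checks in the NOTE above can be scripted as a pre-flight test from the Snare Server shell. This is an added example, not Snare's own tooling; the function names, the default port 636 and the use of openssl with the system CA store are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper names): pre-flight check for the
# domain controller name before it is entered in the wizard settings.

# Return 0 if the argument is an IP literal rather than a name.
is_ip_literal() {
    case "$1" in
        *:*)        return 0 ;;   # IPv6 literal
        *[!0-9.]*)  return 1 ;;   # contains letters or hyphens: a name
        *.*.*.*)    return 0 ;;   # digits and dots only: IPv4
        *)          return 1 ;;
    esac
}

# Return 0 if the argument looks like a fully qualified domain name.
is_fqdn() {
    is_ip_literal "$1" && return 1
    case "$1" in
        ""|.*|*..*|*[!A-Za-z0-9.-]*) return 1 ;;  # empty or malformed
        *.*) return 0 ;;                          # host plus domain part
        *)   return 1 ;;                          # short host name only
    esac
}

# check_dc NAME [PORT] -> 0 ok, 2 not an FQDN, 3 DNS failure, 4 TLS/name mismatch
check_dc() {
    dc="$1"; port="${2:-636}"   # 636 is an assumption; use your SSL port
    if ! is_fqdn "$dc"; then
        echo "FAIL: '$dc' is not an FQDN; certificate matching needs the FQDN" >&2
        return 2
    fi
    # Assumes an nslookup build that exits non-zero when the lookup fails.
    if ! nslookup "$dc" >/dev/null 2>&1; then
        echo "FAIL: cannot resolve $dc; use a DNS server that can resolve it" >&2
        return 3
    fi
    # openssl verifies the chain and that the certificate's names cover $dc.
    if ! openssl s_client -connect "$dc:$port" -verify_hostname "$dc" \
            -verify_return_error </dev/null >/dev/null 2>&1; then
        echo "FAIL: TLS to $dc:$port failed or certificate does not match" >&2
        return 4
    fi
    echo "OK: $dc resolves and its certificate matches the name"
}

# Run the check only when a name is given on the command line.
if [ "$#" -gt 0 ]; then check_dc "$@"; fi
```

If the domain controller's certificate is issued by an internal CA that is not in the system trust store, the TLS step fails until that CA is trusted.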