Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
12-05-2023 12:12 AM
Dear Team,
I will be integrating User-id agentless method, can i integrate with multiple AD servers to achieve this or is there some challenges to integrate agentless with multiple ad servers?
regards,
Doyen Admin
12-05-2023 12:48 AM
no issue at all
there are a few prerequisites:
make sure your mgmt interface has your internal domain name set in Device > setup > management
use your internal DNS servers in the DNS config of the mgmt interface Device > Setup > Services
also add NTP servers and make sure your system clock is accurate
then create a kerberos profile in Device > Server Profiles > Kerberos
now complete the agentless config in Device > User Identification > User Mapping > User-ID Agent Setup
then you can add all your ADs in Device > User Identification > User Mapping > Server Monitoring
You'll want to use WinRM as WMI is going to be patched to death on the AD
hope this helps
12-05-2023 12:48 AM
no issue at all
there are a few prerequisites:
make sure your mgmt interface has your internal domain name set in Device > setup > management
use your internal DNS servers in the DNS config of the mgmt interface Device > Setup > Services
also add NTP servers and make sure your system clock is accurate
then create a kerberos profile in Device > Server Profiles > Kerberos
now complete the agentless config in Device > User Identification > User Mapping > User-ID Agent Setup
then you can add all your ADs in Device > User Identification > User Mapping > Server Monitoring
You'll want to use WinRM as WMI is going to be patched to death on the AD
hope this helps
12-05-2023 02:04 AM
Its a windows server, can i do it with WMI ? if not then what challenges i will be facing, please give input on this as well.
12-05-2023 05:05 AM
you can, but you will need to configure your windows server to accept WMI as microsoft launched a bunch of patches that made WMI nearly impossible to use
WinRM over http runs out of the box and over https you need to add a certificate. So, far less challenging than WMI
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
