LDAP Rights Query.

Reply
Highlighted
L2 Linker

LDAP Rights Query.

Hi Guys,

 

 

To create the service account in AD, which is utilized on the device. we know that below rights are needed.
- Distributed COM Users
- Event Log Readers
- Server Operators

 

My query is why it necessary, what it's justification to be a part of this rights.

 

In cisco asa it is not necessary that's why I am have this query.

 

Thanks in advance

Thanks and Regards,
OK.

Accepted Solutions
Highlighted
Cyber Elite

- Event Log Readers  (The FW needs permission to read the Security Log on the DC, so when a user (fred, authenticates/logs onto his his computer with 172.16.1.55, and the DC authentication is successful, the UserID agent matches fred:172.16.155 and fwds to the FW.

Now the FW knows that 172.16.1.55 = Fred.)

 

- Server Operators  (used for File/Print shares.  As long as someone has a drive mapped or printer mapped, that share session is in use.  The Server Operator confirms the user is still using/has permission to use.  The IP of the user is captured.)

 

Distributed COM Users  - used for probing unknown IPs within the network.  An employee bring laptop in sleep mode, into corporate network.  He wakes up computer and then plugs in Ethernet cable.  Did he authenticate yet?  (NO), but he got a DHCP address.  So WHO has this IP.   probing IP allows the FW to ask the device "who are you" and the user comes back as "fred".  Again, now the FW knows that 172.16.1.55 = Fred)

 

Thank you.

Help the community: Like helpful comments and mark solutions

View solution in original post


All Replies
Highlighted
Cyber Elite

- Event Log Readers  (The FW needs permission to read the Security Log on the DC, so when a user (fred, authenticates/logs onto his his computer with 172.16.1.55, and the DC authentication is successful, the UserID agent matches fred:172.16.155 and fwds to the FW.

Now the FW knows that 172.16.1.55 = Fred.)

 

- Server Operators  (used for File/Print shares.  As long as someone has a drive mapped or printer mapped, that share session is in use.  The Server Operator confirms the user is still using/has permission to use.  The IP of the user is captured.)

 

Distributed COM Users  - used for probing unknown IPs within the network.  An employee bring laptop in sleep mode, into corporate network.  He wakes up computer and then plugs in Ethernet cable.  Did he authenticate yet?  (NO), but he got a DHCP address.  So WHO has this IP.   probing IP allows the FW to ask the device "who are you" and the user comes back as "fred".  Again, now the FW knows that 172.16.1.55 = Fred)

 

Thank you.

Help the community: Like helpful comments and mark solutions

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!