Authentication Against Active Directory

Securonix has the ability to authenticate against a single domain. The authentication configuration are to be made to the file available in the securonix_home/conf directory.

The securonix system currently authenticates against a single domain and does not support authentication against multiple domains.

Make the following changes to the file

  • Change/Edit the following parameters in securonix_home/conf/

managerDn = <the username=”” used=”” for=”” authenticating=”” against=”” ad=””> managerPassword = <the password=”” used=”” for=”” authenticating=”” against=”” ad=””> grails.plugins.springsecurity.ldap.context.server = <ldap url=””>(ex: ldap://xx.xx.xx.xx:389 or ldaps://xx.xx.xx.xx:636) grails.plugins.springsecurity.ldap.authorities.groupSearchBase = <group search=”” base=””> = <user search=”” base=””>

  • Add the following line to the file grails.plugins.springsecurity.ldap.authorities.groupSearchFilter=member={0}
  • Add the userid(same as AD login) in Securonix application, and provide the appropriate access controls In the configuration file the system by default looks at the sAMAccountName and uses the users sAMAccountName to log into the Securonix Application. This can be changed by changing the{0} from sAMAccountName to cn, dn or other distinguishable value as per requirement
  • If local user authentication has to be enabled: Comment the following line. Else, authentication will only be against AD. Uncomment it to authenticate only against AD. grails.plugins.springsecurity.providerNames = ldapAuthProvider

To Debug the errors faced make the following changes to the files

Note: If there are multiple domains to be configured, request for a virtual directory to be created which has the entire list of users. Use the credentials of the virtual directory in the files

Securonix Threat Labs Monthly Intelligence Insights – May 2024
Securonix Threat Labs Monthly Intelligence Insights – April 2024
Securonix EON Takes Center Stage at Record-Breaking RSA Conference
What is Going on with the SIEM market?