Documentation forSecurity Event Manager

Configure Active Directory and SEM to work with SEM rules and filters

This section describes how to set up SEM to connect with Active Directory so that you can use Active Directory groups containing user and computer accounts with SEM rules and filters.

SEM groups that synch with Active Directory are called directory service groups (or DS groups). DS groups are only available on SEM Manager instances that complete the following integration steps.

After you complete these integration steps, see Configure Directory Service Groups in SEM to learn how to manage directory service groups.

Configure the Directory Service Query Connector

Complete these steps on the SEM Manager that will implement DS groups.

Before you begin, gather the following information to configure the Directory Service Query Connector:

  • Either the IP address or fully-qualified domain name (FQDN) of the Active Directory server.
  • The domain credentials for an account that the Directory Service Query connector can use. SolarWinds recommends using a service account with a non-expiring password. This account does not need elevated privileges (such as Domain Admin privileges).

To get directory server details, open a Windows command prompt on a computer on the correct network and type nslookup.

  1. On the SEM Console, navigate to Nodes > Manager Connectors.
  2. To locate the connector, enter "directory service" in the search box.

  3. Select the Directory Service Query check box, and then click Add Connector.
  4. Complete the Add connector - Directory Service Query form.

  5. In the Domain Name field, enter the fully-qualified domain name for your directory service server using lowercase characters.

    For example,

  6. In the Directory Service Server field, enter the IP address or hostname of your directory service server.

    SolarWinds recommends using the IP address to avoid possible DNS issues. The SEM network configurations (netconfig) allow for setting or changing the DNS server to resolve the host.

  7. Enter the domain credentials (user name and password) for a user account that the connector can use.

    SolarWinds recommends using a service account with a non-expiring password, otherwise you will have to manually update the connector every time the password expires. This account does not need elevated privileges. When entering domain credentials, provide only the user name.

  8. Select an encryption type (SSL or no SSL), and then click Add.
  9. The connector appears on the Manager Connectors tab under Configured connectors.
  10. Under Configured connectors, select your connector, and then click Start.