Active Directories
Active Directories page is used to integrate MetaDefender Vault with your organization Active Directory or LDAP Directory in order to synchronize users.
In order to be able to set up User Directory integration, the account used by Vault to connect to Active Directory or LDAP Directory will require read permissions in your organizations User Directory.
Account settings
After clicking the button to add a new User Directory, the user is prompted the next screen which is User Directory Account Settings.
Follow the Account Settings settings page for information on how to configure the account settings.
Add new Active Directory type user directory
In the User Directory type drop down list select Active Directory.
In order to set up an Active Directory integration all the above mentioned settings must be filled in.
When all the required information is filled click Continue.
Add new LDAP Directory type user directory
In the User Directory type drop down list select LDAP Directory.
Follow the LDAP Directory Configuration page for information on how to configure the account settings for LDAP Directory.
When you have filled the required information click Continue.
Advanced settings
| Settings | Description |
|---|---|
| Synchronization configuration | The time interval between synchronizations |
| Login attempts allowed before the account is locked | Number of failed login attempts that can be done before the account will be locked |
| Lock Account For (Minutes) | If the number of failed login attempts is higher than the predefined number, the account will be locked for X minutes |
| Reset failed login attempts counter after (minutes) | 0 - Counter is never reset X - Counter resets after X minutes |
User Filtering Configuration
After selecting Continue on the previous screen, the user goes to the next screen which is User Filtering Configuration.
Follow the User Filtering Configuration page for information on how to configure user filtering.
After you complete the basic configuration you will be redirected to the User Filtering Configuration page where you can fine-tune the way users, administrators and read-only administrators are synchronized according to your User Directory structure.
Adding two DC (domain controller) servers for the same domain (for redundancy purposes) is not supported yet. We only support multiple DC for different domains.
Start Synchronization
After user filtering configuration is done you can click Start synchronization in order to begin the synchronization process. Please note that this operation can take a while.
Run in background
Vault allows Run the syncing users process in the background by click on button Run in background, a progress popup is displayed until it done
Overlicensing situation
If your assigned license key does not contain enough user licenses the User Directory synchronization will report the following message:
If this happens, please contact OPSWAT Sales for a license upgrade or, alternatively, you can go back to User Filtering Configuration step and exclude more users.
Please note that it is also possible to become over licensed at a later moment in time if new users are continuously added in your User Directory. If this happens, a notification will appear and an email notification will be sent to all the administrators. New users would not be able to log in until the over licensed state is resolved by either removing some users from the User Filtering Configuration or by requesting a license upgrade. Existing users (prior to becoming over licensed) will still be able to log in and upload files normally.
Active Directory List
After you have successfully configured one or more User Directories, the list should be displayed as follows:
