This guide contains information on how to install the AD agent and sync AD users with a Cloud DLP instance.
Before starting the integration, please check the following items:
- You already have an SWG instance running on C1
- You already have a Cloud DDP instance
- SWG is integrated with DLP over ICAP; please see how to check it.
- To apply AD user-based policy, you need the SWG agent installed on the computer. You can download and run it from the SWG portal (Administration –> Traffic Forwarding –> "Dome Agent Configuration")
- The computer on which you install the Dome Active Directory agent must be a member of the domain; otherwise AD integration will fail.
- The Active Directory agent can be installed on any Windows client in your domain.
In this step, you will download and install the AD agent from the DDP portal, then sync AD users with the DDP server.
- Connect to the DDP UI from C1
- Navigate to the Policy tab, then click on the Active Directory Agent section under Server Connection
- Click on the "Download Agent" button.
- When the download completes, double-click on the "Agent" to start the installation
- When the installation completes, you need to stop the service: right-click on the Agent tray icon –> click on Close
- Open the "ActiveDirectorySyncAgent.cfg" file with Notepad; it is located under "C:\Program Files (x86)\COMODO\Active Directory Sync Agent"
- Navigate to "portal-api-url", then enter the following URL
portal-api-url = https://X.X.X.X/spring/syncagent/ldap_update/data
Note: Please replace X.X.X.X with the correct DLP server IP address/URL. You can find your DLP service URL/IP from here
- Save and close the file
- Click on the "Start" menu in Windows, then click on "Active Directory Sync Agent"
- Then click on "Configure" from the tray icon
- When the Dome Active Directory agent configuration pop-up is displayed on the screen, please enter the following parameters.
User Token: You can find this token in the DLP UI (Policy –> Active Directory)
Host Name: Please enter the local IP address of the Active Directory server.
Base DN: Please enter your domain in the following format, for example: if your local domain is example.local, then enter DC=example,DC=local
- Once you complete the steps above, click on "Check LDAP Connection"; the message "Configuration is working successfully" will be displayed on the screen.
- Click on the "Save & Close" button
- Depending on the number of users in AD, the sync process might take some time.
- Once the sync is complete, you can create new AD users from the Policy –> AD users section.
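
A pre-flight check for the prerequisites and configuration steps above, as an added example that is not part of the original guide or the vendor's tooling. The config path and the `portal-api-url` key are taken from the guide; the AD server address `192.0.2.10` and LDAP port 389 are assumptions to replace with your own values.

```powershell
param(
    [string]$CfgPath  = 'C:\Program Files (x86)\COMODO\Active Directory Sync Agent\ActiveDirectorySyncAgent.cfg',
    [string]$AdServer = '192.0.2.10',  # placeholder (assumption): local IP of your AD server
    [int]$LdapPort    = 389            # assumption: default LDAP port, not stated in the guide
)

function ConvertTo-BaseDn([string]$Domain) {
    # example.local -> DC=example,DC=local
    ($Domain.Split('.') | Where-Object { $_ } | ForEach-Object { "DC=$_" }) -join ','
}

$ok = $true

# 1. Prerequisite: the computer must be a member of the domain.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) {
    Write-Warning 'This computer is not joined to a domain; AD integration will fail.'
    $ok = $false
} else {
    "Base DN to enter in the agent: $(ConvertTo-BaseDn $cs.Domain)"
}

# 2. portal-api-url must be present, use HTTPS and no longer hold the X.X.X.X placeholder.
$line = Select-String -Path $CfgPath -Pattern '^\s*portal-api-url\s*=\s*(\S+)' | Select-Object -First 1
if (-not $line) {
    Write-Warning "portal-api-url not found in $CfgPath"
    $ok = $false
} else {
    $url = $line.Matches[0].Groups[1].Value
    if ($url -match 'X\.X\.X\.X' -or $url -notmatch '^https://') {
        Write-Warning "portal-api-url is still the placeholder or is not HTTPS: $url"
        $ok = $false
    } else {
        # 3. The agent host must be able to reach the DLP server named in the URL.
        $uri = [uri]$url
        if (-not (Test-NetConnection -ComputerName $uri.Host -Port $uri.Port -InformationLevel Quiet)) {
            Write-Warning "Cannot reach DLP server $($uri.Host):$($uri.Port)"
            $ok = $false
        }
    }
}

# 4. The agent host must be able to reach the AD server used for "Check LDAP Connection".
if (-not (Test-NetConnection -ComputerName $AdServer -Port $LdapPort -InformationLevel Quiet)) {
    Write-Warning "Cannot reach AD server ${AdServer}:$LdapPort"
    $ok = $false
}

if ($ok) { 'All pre-flight checks passed.' } else { 'Fix the warnings above before configuring the agent.' }
```

Run it on the computer where the agent is installed, after editing the .cfg file and before opening "Configure".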