- Overview
- Requirements: CylanceON-PREM
- Configuring the CylanceON-PREM virtual appliance
- Configuring the console
- Setting up the CylancePROTECT agent
- Device management
- Threat management
- Global lists
- Administration
- Managing users
- Managing roles
- Update profile information
- Audit logs
- Managing Certificates
- Setting up email notifications
- Settings
- Upgrade CylanceON-PREM
- Reboot the virtual appliance
- Configure session timeout
- Update CylanceON-PREM SSL certificate version 1.3.1 and later
- Update CylanceON-PREM SSL certificate version 1.2.2.1 and earlier
- Change the certificate cipher mode
- Enable maintenance mode
- Change network settings
- Check an IP address
- Change the log level
- Download logs
- Configure syslog/SIEM settings
- Update database connection settings
- Configure active directory
- Configure identity provider settings
- Using certificate-based authentication
- Add a banner to the login screen
- Applications
- CylanceON-PREM API
- Troubleshooting
- Agent not communicating with CylanceON-PREM
- Web browser reports insecure webpage
- Unable to connect to external database
- Configure static IP using the OVF tool
- Remote server 404 error in log files
- Log in with a local administrator account
- Online Certificate Status Protocol issues
- A user is not receiving email notifications
- Before you contact support
- BlackBerry Docs
- CylanceON-PREM
- Cylance ONPREM Administration Guide
- Administration
- Settings
- Configure active directory
Configure active directory
You can enable active directory from the
Configuration > Settings
screen. If the LDAP Server is configured, CylanceON-PREM
user logins are authenticated and authorized using the corporate LDAP server, including Microsoft’s Active Directory. If active directory is enabled, the username for the
CylanceON-PREM
local user account must have have ".\" before the username when logging into the Console. For example, jsmith@cylance.com will need to be entered as ".\jsmith@cylance.com" to log into the CylanceON-PREM
Console.- Add the SSL certificate for the LDAP Server. See Managing Certificates for more information.
- ClickConfiguration > Settings.
- Click
beside LDAP. This expands the LDAP configuration settings. - Enable the LDAP toggle.
- Enter your LDAP/Active Directory information:
- Base Distinguished Name:This is the base distinguished name (DN) used as a base for the LDAP search to look for the user DN.
- Group Distinguished Name:This is the group distinguished name (DN) used to perform an LDAP search to check if the user is a member of the group DN.
- LDAP FQDN:This modifies the FQDN to the LDAP server’s fully qualified domain name (FQDN).The FQDN must be configured on the Domain Server.
- Port:This is the port number of the LDAP server.
- TLS/SSL:This ensures the confidentiality of the user credentials, an encrypted LDAP connection should be used between theCylanceON-PREMserver and LDAP server. There are two encryption methods you can choose from, startTLS and LDAPS.
- ClickTest Connection. A Test Active Directory Connection dialog displays.
- Enter the username and password for the LDAP server, then clickTest. A message displays indicating whether the test connection was successful.To test the connection, use either the UPN Login or SAM Account Login:UPN Login Example:username@domainname.com (hadmin@onprem-cylance.com)SAM Account Login Example:domain\username (onprem-cylance\hadmin)
- Click
.