Install the TrueIdentity Sync Client
You can download the TrueIdentity Sync Client from the LogRhythm Community, on the downloads page for your specific release. Installers are available for Windows platforms.
The host upon which you install the TrueIdentity Sync Client must be able to connect to Active Directory over secure LDAP and to the LogRhythm Admin API, installed on the Platform Manager. If you install the TrueIdentity Sync Client on the Platform Manager, you can connect to the API locally at http://localhost:8505. Otherwise, you can access the API remotely at https://<hostname>.<domain>:8501. In either case, ensure that security policies or firewalls will allow the connection.
If Active Directory synchronization is already configured on the Client Console, it is recommended that you install the TrueIdentity Sync Client on the Platform Manager.
System Requirements
Note the following system requirements for the LogRhythm TrueIdentity Sync Client:
Your network, Active Directory LDAP server, and the host running the TrueIdentity Sync Client must support TLS 1.2.
You network must allow all traffic from this host to the LDAP server on port 389.
For Secure LDAP connections, your network must allow traffic over port 636.
The server certificate of the Active Directory LDAP server you are connecting to should be in the Trusted Root Certificate Store on the TrueIdentity Sync Client host.
If you are using SSL certificates produced by a Third-Party Certificate Authority (CA), the certificate must also be added to the Trusted Root Certificate Store.
- If the TrueIdentity Sync Client is on a remote host where API Gateway is NOT installed, you must:
- Add the server SSL certificate of the host in your LogRhythm deployment that you intend to connect with to the Trusted Root Certificate Store.
- Allow TLS 1.2 and port 8501 traffic from the TrueIdentity Sync Client to the LogRhythm deployment host.
Install on Windows
Follow the steps below to install the TrueIdentity Sync Client on Windows. Installation is supported on Windows server 2012 and 2016.
- Download the TrueIdentity Sync Client package for Windows from the LogRhythm Community.
The installer and a checksum file are packaged in a .zip file. - Copy the .zip file to the target host and extract its contents to a new directory.
- Go to the directory where you extracted the files, right-click LRTrueIdentitySyncClient_64_####.exe, and then click Run as administrator.
- Review and accept the LogRhythm global end user license agreement, click Install, and then click Close when the installation is complete.