Add New Active Directory Domains
The SMTP Server IP Addresses are located in the Platform Manager Properties. They are used to send email notifications. You can specify a primary, secondary, and tertiary server to allow for failover.
- On the main toolbar, click Deployment Manager.
- Click the Platform Manager tab.
- In the System Management Settings section, click Active Directory Domain Manager.
- Click the New icon.
  The New Domain Properties window appears. This is the same domain properties window that is used within the Windows Host Wizard. The Windows Host Wizard fields that do not apply to AD synchronization are disabled. Retired domains are not editable.
- Fill out the fields as appropriate based on the information provided in the following table.

| Field Name | Description |
| --- | --- |
| Domain Name | The domain name entered, up to 100 characters, is replaced by the fully qualified domain name when domain details are retrieved from Active Directory. |
| Organizational Unit | The organizational unit for the domain. This should be in the format `<Parent OU>/<Sub OU>/<Sub OU>`. |
| User Name | (Optional) A user name up to 50 characters long used to supply alternate credentials for accessing the domain. If blank, the logged on user account is used when synchronizing from the Client Console and the service account is used when synchronizing from the Job Manager. |
| Password / Confirm Password | (Optional) A password up to 50 characters long used to supply alternate credentials for accessing the domain. |
| Assign to LogRhythm Entity | The default is the Primary Site. If you have multiple entities, be sure to select the appropriate entity for the new Active Directory domain to ensure entity data remains correctly divided. The System Monitor Agent that collects the logs containing Identifiers for the new Active Directory domain must be connected to the same Entity that you assign here. On the System Monitors tab of the Deployment Manager, verify that the Entity is correct and change it if necessary. For more information, see Connect an Agent to a Different Entity. |
| Include in Active Directory Identity Synchronization | Enables Identity Analytics on this domain. For more information about Identity Analytics, see the Web Console User Guide. |
| Secure LDAP | Encrypts Active Directory data during transmission. |
| Include in Active Directory Group Based Authorization | Includes the domain in Active Directory group based authorization. |
| Include in Windows Host Wizard Scan | Windows Host Wizard connects to Active Directory to find Windows systems on the domain. Eligible systems returned by the scan can be selected for remote log collection. |
| Scan Sub Units | Scan the sub entities. |
| Brief Description | A user defined description up to 255 characters long. |

- Click the Details tab.
- Click the Validate button. If you successfully added the new domain, the details appear in the Domain Details section.
- Click OK.