Click here to shrink
Click here to expand Click here to expand

Connection settings

The connection settings in ADAudit Plus allow you to specify the desired protocol (HHTP/HTTPS) for communication between the ADAudit Plus web client and the server. HTTP is the default mode for communication. You can also specify the TLS version and ciphers that you wish to use here. Furthermore, you can choose to enable LDAPS for communication between the product and Active Directory (AD) and TLS.

General

  1. Log in to ADAudit Plus and navigate to the Admin tab.
  2. Under General Settings, click Connection.
  3. Under the General tab, select Enable HTTP mode to use HTTP. The default port number is 8080. If you wish to use a different port, enter the desired number.
  4. To use HTTPS, select Enable HTTPS mode. The default port number for HTTPS is 8443. Specify the desired port number if necessary.
  5. If you require the Keystore Password to be encrypted, enable this option and provide the required password.
  6. Click Advanced to configure TLS and cipher details.
    • Under TLS, configure the required protocol to bound with ADAudit Plus.
      TLS Version Description
      TLSv1 Provides encrypted communication with basic security
      TLSv1.1 Adds stronger protection against certain attack types
      TLSv1.2 Supports modern encryption algorithms and SHA-256
    • Under Ciphers, select the respective cipher suites compatible with the above selected TLS version.
      Cipher Suite Description
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDHE key exchange, RSA authentication, AES-128 CBC, SHA-1
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDHE key exchange, RSA authentication, AES-256 CBC, SHA-1
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA DHE key exchange, RSA authentication, AES-128 CBC, SHA-1
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA DHE key exchange, RSA authentication, AES-256 CBC, SHA-1
      TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 DHE key exchange, DSS authentication, AES-128 GCM, SHA-256
      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDHE key exchange, RSA authentication, AES-128 CBC, SHA-256
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE key exchange, ECDSA authentication, AES-128 CBC, SHA-256
      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA ECDHE key exchange, ECDSA authentication, AES-128 CBC, SHA-1
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDHE key exchange, RSA authentication, AES-256 CBC, SHA-384
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 ECDHE key exchange, ECDSA authentication, AES-256 CBC, SHA-384
      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA ECDHE key exchange, ECDSA authentication, AES-256 CBC, SHA-1
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DHE key exchange, RSA authentication, AES-128 CBC, SHA-256
      TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 DHE key exchange, DSS authentication, AES-128 CBC, SHA-256
      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DHE key exchange, RSA authentication, AES-256 CBC, SHA-256
      TLS_DHE_DSS_WITH_AES_256_CBC_SHA DHE key exchange, DSS authentication, AES-256 CBC, SHA-1
      !DES Disables all ciphers that use DES encryption
      !3DES Disables all ciphers that use 3DES encryption
      !MD5 Disables all ciphers that use MD5 hashing
      SSL_RSA_WITH_3DES_EDE_CBC_SHA RSA key exchange, RSA authentication, 3DES CBC, SHA-1
  7. Select the domains for which you'd like to enable LDAP over SSL in the Enable LDAP SSL for drop-down list.
  8. Set the Session Expiry Time by specifying the maximum idle duration after which the ADAudit Plus session will automatically expire.
  9. Enter the UDP Syslog Listening Port (default: 514) to collect events from NAS devices; change if your environment requires a different value.
  10. Turn the Current UDP Syslog Status On or Off depending on whether you want the UDP listener active for event collection.
  11. Enter the TCP Syslog Listening Port (default: 1468) to receive syslog events from Nutanix File s Servers. Update the port if your setup requires another value.
  12. Turn the Current TCP Syslog Status On or Off depending on whether you want the TCP listener active for event collection.
  13. Click Save Changes.

    General

Proxy settings

To configure ADAudit Plus and use a proxy server to connect to the internet, follow the steps below:

  1. Log in to ADAudit Plus and navigate to the Admin tab.
  2. Go to General Settings → Connection → Proxy tab.
  3. Select the Enable Proxy Server Settings.
  4. Enter the Server Name or IP of the proxy server.
  5. Provide the required authentication details by entering the User Name and Password.
  6. Click Save.

Note: Use Test Connection to verify that the proxy server connection is valid.

Proxy

NAT settings

When endpoint devices need to access the ADAudit Plus server through the internet, you can configure a network address translation (NAT) device. This will map your internal IP address to a public IP address or fully qualified domain name (FQDN), which the devices can use to access the central server.

Configure the NAT device by following the steps below:

  1. Log in to the ADAudit Plus web console.
  2. Navigate to Admin tab > General Settings > Connection, and click the NAT tab.
  3. The details of ADAudit Plus' Server (Private IP Address and Ports) are prefilled based on your current configuration.
  4. Enter the public FQDN and port number of the NAT device under NAT Device (Public FQDN and Ports).
  5. Click Save.

    NAT

Don't see what you're looking for?

  •  

    Visit our community

    Post your questions in the forum.

     
  •  

    Request additional resources

    Send us your requirements.

     
  •  

    Need implementation assistance?

    Try OnboardPro

     

On this page

Copyright © 2020, ZOHO Corp. All Rights Reserved.

Get download link