User Management and AD Integration

1.      Introduction

The NetCyte NAC Management User Interface supports role-based access management and integration with Active Directory.

2.      User Management

You can control all user access privileges under the Settings → User Management menu. You can define a user as a local user, which is created in the NAC database, or you can integrate with your Active Directory. A user's access privileges are defined by the role assigned to that user.


Figure 1 User Management

a.      Roles and Creating New Role

Roles define the access privileges of the users assigned to them, so they are an important part of user creation. To manage roles, navigate to Settings → User Management → Role Management.

There are three built-in roles: Root, Admin and ReadOnly. You cannot edit or delete these roles, but you can create a copy of one by clicking the copy icon in the Modify column of its row.

Each role has a set of tickets (access permissions) that are enabled or disabled. To grant a permission to a user, select the related tickets in the role assigned to that user.

You can create your own role or use a built-in role. Every user must have an assigned role to access the system.


Figure 2 Role Management

I.      Role Creation

On the Role Management page, you can create your own role by clicking the button at the top of the Role section. In the window that opens, give your role a name and save it.


Figure 3 Adding New Role

After you save your role, a new ticket set is created under the role name for editing. You can select tickets and their subsections to enable permissions for the new role.


Figure 4 Role Ticket Editing

b.      Integration with Active Directory

If you integrate the Management User Interface with your Active Directory, you do not need to create local users; you can manage login accounts through Active Directory. To set up the integration, navigate to Settings → User Management → User Repository Management and click the button to define the integration parameters.


Figure 5 Active Directory Integration Settings

Define your parameters based on the definitions below. Once you finish, do not forget to test the connection by using the “Test Connection” button.

Parameters:

Parameter Name | Explanation
Name | Logical name of your repository.
Prefix | Your domain NETBIOS name.
Host | Active Directory server IP address.
Port | TCP port that the Active Directory service binds to.
Path | Location where the user search begins in Active Directory. During authentication, the system searches for the user below this path.
User Name | The user name used to connect to Active Directory. This user must have search privilege under the defined Path location.
Password | The password of the user that is used to connect to Active Directory.

Table 1 Active Directory Integration Parameters
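
The Python sketch below is an added example, not part of NetCyte or its documentation. It reviews a set of Table 1 values before they are entered: whether Host is an IP address, whether the port is TLS-wrapped, how wide the search Path is, and whether the bind account is over-privileged or has an empty password. The function names and all sample values are hypothetical, and the page does not state which transport security NetCyte uses on each port.

```python
import ipaddress
import re

# Keys follow Table 1; all values are constructed. Port -> True when TLS-wrapped.
LDAP_PORTS = {389: False, 636: True, 3268: False, 3269: True}

def split_dn(dn):
    """Split a DN on unescaped commas into (ATTR, value) pairs (not full RFC 4514)."""
    rdns = []
    for part in re.split(r"(?<!\\),", dn):
        attr, sep, value = part.strip().partition("=")
        if not (attr and sep and value):
            raise ValueError(f"malformed component {part!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns

def review_repository(cfg):
    """Return a list of findings for one repository definition."""
    findings = []
    try:
        ipaddress.ip_address(cfg["Host"])
    except ValueError:
        findings.append("Host: not an IP address")
    tls = LDAP_PORTS.get(int(cfg["Port"]))
    if tls is None:
        findings.append("Port: not a standard AD LDAP port")
    elif not tls:
        findings.append("Port: not TLS-wrapped; confirm the bind is encrypted")
    try:
        rdns = split_dn(cfg["Path"])
        if rdns[0][0] == "DC":
            findings.append("Path: domain root; narrow the search base to an OU")
        elif rdns[-1][0] != "DC":
            findings.append("Path: does not end in DC components")
    except ValueError as exc:
        findings.append(f"Path: {exc}")
    account = cfg["User Name"].split("\\")[-1].split("@")[0].lower()
    if account == "administrator":
        findings.append("User Name: built-in Administrator; search rights suffice")
    if not cfg["Password"]:
        findings.append("Password: empty simple bind is unauthenticated (RFC 4513)")
    return findings

WEAK = {"Host": "dc01.corp.example", "Port": "389", "Path": "DC=corp,DC=example",
        "User Name": "CORP\\Administrator", "Password": ""}
TIGHT = {"Host": "192.0.2.10", "Port": "636", "Password": "constructed-value",
         "User Name": "svc-nac-ldap", "Path": "OU=NAC,OU=IT\\, Ops,DC=corp,DC=example"}

if __name__ == "__main__":
    print(review_repository(WEAK), review_repository(TIGHT), sep="\n")
```
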

c.       Create User

Once you have created roles and configured Active Directory integration, user creation is a simple process. To create a user, navigate to Settings → User Management → User Management and click the “Add New User” button to open a new user definition window.


Figure 6 Add New User

The difference between Active Directory and local user definitions is that you do not need to provide password information when you define a user from your Active Directory.

Parameter | Explanation
Authorization Type | Location of the user. It can be the local or the Active Directory user repository.
User Name | User name of the user. If you select the Active Directory user repository, this is the user name in Active Directory.
First Name | First name of the user.
Surname | Last name of the user.
E-mail | E-mail address of the user.
Password Fields | Password fields of the user if you select the local user repository. If you choose “Active Directory user repository”, the password fields are not available.
Role | The role assigned to the user.
Theme | The theme of the user interface appearance. It can be light or dark.
Region | Region of the user. You can divide your network into segments, and the user can only access devices within that Region.
Home Page | Landing page of the user when the user logs in to the system.
Status | Enable/Disable the user account.

Once you finish your user definitions, your user is ready to log in to the system with the privileges of the assigned role.

3.      Monitoring User Activities

All user activities are logged in the system. You can access the user activity log under Block&Audit Management → GUI Logs. User activity logs are divided into five different types. You can view a particular type by selecting it from the available log types at the top of the Monitoring page.

Figure 7 Monitoring User Activities
