Active Directories
Active Directory is a directory service developed by Microsoft; in effect, it is a registry of all existing accounts. Several users may work from the same device from time to time, and Active Directory lets you manage all user accounts on all endpoints efficiently.
Each domain directory can contain a domain forest which, in turn, contains subdirectories.
Syxsense provides integrated support for Active Directory: live connection to target your existing AD infrastructure and pass query results of users, groups, computers, and containers to Tasks and Cortex Policies.
Syxsense Active Directory integration automates policies, procedures, and actions for cyber security. Leveraging your existing infrastructure, you immediately take advantage of Syxsense's data-driven risk detection, security gap analysis, and prioritized risk remediation. Browse your AD directly in Syxsense: target Active Directory computers, OUs, users, groups, and more when creating Tasks or Cortex workflows.
Important Information: This option is only available for Windows operating systems.
Prerequisites:
• An online device
• An account that has 'Endpoint Management' permissions
Discovery: Active Directories
The filter option lets you quickly group devices from the Active Directory based on status, and several filters can be combined at the same time, e.g., Connected Windows devices with Critical vulnerabilities. The toolbar lets you perform specific operations on the selected device from the directory.
Filters
Unmanaged | Devices that have been discovered but do not have an agent installed
Windows | Devices with the Windows OS
Linux | Devices with the Linux OS
Mac | Devices with macOS
Connected | Devices currently connected to the console
Not Connected | Devices currently not connected to the console
Agentless | Devices without a client installed
Critical | Devices with Critical vulnerabilities detected
High | Devices with High-risk vulnerabilities detected
To be Archived | Devices which will be archived within the next 5 days unless they connect to the console
Quarantined | Devices that are quarantined
All Vulnerabilities | Devices that are missing any vulnerability
Not Scanned Vulnerabilities | Devices that should be checked for vulnerabilities
All Security Vulnerabilities | Devices on which the detected vulnerabilities threaten the whole system's security
Not Scanned Security Vulnerabilities | Devices to be scanned for security vulnerabilities
All Patch and Security Vulnerabilities | Devices that have any kind of security-related vulnerabilities
Toolbar
• Allows digging into the device details
• Initiates an HTML5 remote-control session with the device in a new browser tab
• Starts the patching wizard, where you can choose which updates to deploy to the device. Check Vulnerabilities for patch details
• Deletes the device from the database or archives it
• Allows you to move the device between Site Groups
• Starts a scan to collect the latest hardware and software information
• Sends a magic packet to wake up the device from being powered down. This feature requires Wake-On-Lan to be enabled in the BIOS
• Creates a device group
• Uninstalls the agent from a device (only available for online devices)
• Creates reports, grouping different metrics
Guided walk-through: How to discover AD devices
To bring live LDAP attributes into device management, install a vRep (Management Agent) within sight of your domain controller. You can then browse, query, and target Active Directory Computers, Users, Groups and more. Perform a real-time discovery of the devices that are part of the AD structure, and they will become available in the console.
❶ | Download the vRep installer from the Add Device/Discovery Agent screen. This option is also available from the Discovery task menu. Select 'By Active Directory Query' after the task is created. The Discovery task finds devices without the agent installed and installs the Syxsense Agent.
❷ | Move to the Active Directory folder under Managed Devices and select the preferred domain
❸ | Tick 'Enable live connection' to start communication between your AD and Syxsense. This option lets you see all the online devices in the domain directory and choose the devices for Syxsense agent installation via vRep technology.
❹ | Domain Name: Enter your FQDN or optionally a specific domain controller (RDOs are acceptable)
❺ | Check the installed vRep you prefer to use for communication with your AD
❻ | Click 'Save'
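Before enabling the live connection, it helps to confirm that the host running the vRep can actually locate and reach a domain controller for the name entered in step ❹. The following pre-flight check is an added example, not Syxsense code; the domain name is a placeholder, and the standard LDAP/LDAPS ports (389/636) are an assumption, since this page does not state which ports the vRep uses.

```powershell
# Added example: run on the Windows host where the vRep is installed.
# Assumptions (not from the Syxsense documentation): the placeholder domain
# name below and the standard LDAP (389) / LDAPS (636) TCP ports.
param(
    [string]$DomainName = 'corp.example.com',   # placeholder: your FQDN or a specific DC
    [int[]]$Ports = @(389, 636)
)

function Get-DomainControllerTarget {
    param([string]$Name)
    # A domain FQDN publishes DC locator SRV records; if none are found,
    # treat the value as the host name of a single domain controller.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Name" -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' }
    if ($srv) {
        $srv | Select-Object -ExpandProperty NameTarget -Unique
    } else {
        $Name
    }
}

function Test-DirectoryReachability {
    param([string]$Name, [int[]]$Ports)
    foreach ($dc in Get-DomainControllerTarget -Name $Name) {
        foreach ($port in $Ports) {
            # TcpTestSucceeded is $true only if the TCP handshake completed.
            $result = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
            [pscustomobject]@{
                DomainController = $dc
                Port             = $port
                Reachable        = $result.TcpTestSucceeded
            }
        }
    }
}

Test-DirectoryReachability -Name $DomainName -Ports $Ports | Format-Table -AutoSize
```

A row with `Reachable` set to `False` for every port of every controller means the vRep host is not within sight of the domain, so a different vRep should be selected in step ❺.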
Last Update: Mar 12, 2024
Copyright ©2024 by Syxsense, Inc. All Rights Reserved