Skip to content

How to connect to Active Directory

CYBERQUEST can be integrated with Active Directory or LDAP systems, allowing users to authenticate to CYBERQUEST using their Active Directory credentials. Follow these steps:

Active Directory side

Create the AD group for the CYBERQUEST users (e.g. CQUsers). Add to the AD group the users that will use CYBERQUEST.

CYBERQUEST side

Authentication

To access Web Interface, open a web browser and type the application's address or DNS name. The default address initially assigned to Web Interface is https://CyberquestIPAddress (example).

The browser automatically redirects you to CYBERQUEST's authentication page:

Login page

Navigate to "Settings > Application Settings > Active Directory".

Settings > Application Settings > Active Directory

Complete the form

Complete the fields with the appropriate information by clicking Edit. The fields are alphabetically ordered:

Active Directory settings form

  • Active Directory Base DN: Base distinguished name for directory lookups. Example: "CN=Users,DC=domain,DC=com".

  • Active Directory Group: AD group synchronized with CYBERQUEST.

  • Active Directory Password: Account password for the mentioned username.

  • Active Directory Port: Default 389 (LDAP) or 636 (LDAPS; recommended in production).

  • Active Directory Server: FQDN or IP of a domain controller to query.

  • Active Directory Suffix: FQDN of the Active Directory domain.

  • Active Directory User: A dedicated service account with minimal required privileges and read access to the directory (avoid using a Domain Admin account). Example: domain_name\Administrator. The default CYBERQUEST account used for collecting events from the Active Directory environment can also be used.

Click Save to apply changes or Close to discard.

After authentication in CYBERQUEST, users must be assigned to the appropriate user groups by a CYBERQUEST administrator.