Go to the table of contents Go to the previous page Go to the next page View or print as PDF
User Identification for Policy Enforcement > Configuring eDirectory Agent
Configuring eDirectory Agent
Administrator Help | Forcepoint Web Security and Forcepoint URL Filtering | v8.5.x
Related topics:
eDirectory Agent gathers user logon session information from Novell eDirectory, which authenticates users logging on to the network. The agent then:
1.
2.
3.
Filtering Service uses the information to apply policies to users, groups, or OUs.
 
Note 
One instance of eDirectory Agent can support one Novell eDirectory master, plus any number of Novell eDirectory replicas.
Use the User Identification > eDirectory Agent page to configure a new instance of eDirectory Agent, as well as to configure the global settings that apply to all instances of eDirectory Agent.
For detailed information eDirectory Agent deployment, including configuration options not available via the Forcepoint Security Manager, see the Using eDirectory Agent for Transparent User Identification technical paper.
To add a new instance of eDirectory Agent:
1.
Under Basic Agent Configuration, enter the IPv4 address or hostname of the eDirectory Agent machine.
 
Note 
2.
Enter the Port that eDirectory Agent should use to communicate with other web protection components (30700, by default).
3.
To establish an authenticated connection between Filtering Service and eDirectory Agent, select Enable authentication, and then enter a Password for the connection.
Next, customize global eDirectory Agent communication settings:
1.
Under eDirectory Server, specify a Search base (root context) for eDirectory Agent to use as a starting point when searching for user information in the directory.
2.
a.
Enter the Administrator distinguished name for a Novell eDirectory administrative user account.
b.
Enter the Password used by that account.
c.
Specify a User entry timeout interval to indicate how long entries remain in the agent's user map.
This interval should be approximately 30% longer than a typical user logon session. This helps prevent user entries from being removed from the map before the users are done browsing.
Typically, the default value (24 hours) is recommended.
 
Note 
3.
Add the eDirectory Server master, as well as any replicas, to the eDirectory Replicas list. To add an eDirectory Server master or replica to the list, click Add, and the follow the instructions in Adding an eDirectory server replica.
When you are finished making configuration changes, click OK to return to the User Identification page, then click OK again to cache your changes. Changes are not saved until you click Save and Deploy.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
User Identification for Policy Enforcement > Configuring eDirectory Agent
Copyright 2018 Forcepoint. All rights reserved.