AD Synchronization
This section contains information about Blocksi assessment service and Windows deployment.
Downloading and Installing the App
Download the Blocksi AD Synchronization App from the Blocksi Admin Dashboard by clicking the Profile icon > Downloads.
Move this installer to the server hosting Active Directory (or another server that can access your Active Directory server).
Install the Blocksi AD Synchronization app using the provided executable installer (Blocksi AD Synchronization.exe) on your Active Directory Server. The app is launched automatically after successful installation.
Type the Super Admin Email of your Blocksi environment in the Company ID field. The Super Admin Email is listed on your Blocksi Admin Dashboard > Dashboard Settings > Administrators and Roles page.
Click Login. The Blocksi AD Synchronization window opens.
Configuring the Settings
Click Show Settings. The Connection tab opens.
Do one of the following:
If the application is installed locally on your Windows server, and the Encryption Method is SSL, enter the following:
Hostname: localhost
Port: 636
If the application is installed locally on your Windows server, and the Encryption Method is NO, enter the following:
Hostname: localhost
Port: 389
If the application is installed on another server that requires remote access to the Active Directory server, and the Encryption Method is SSL, enter the following:
Hostname: IP of the server; for example, 10.123.123.12
Port: 636
If the application is installed on another server that requires remote access to the Active Directory server, and the Encryption Method is NO, enter the following:
Hostname: IP of the server; for example, 10.123.123.12
Port: 389
Checking the Connections
Click Check connection. If the connection has been established successfully, the application displays the following message.
If the connection is not successful, the system displays the following message.
Click the Authentication tab.
Refer to the following table for a description of these fields and their example values.
| Field Name | Description | Required | Example Value |
|---|---|---|---|
| Base DN | Identifies the entry in the directory from which searches initiated by LDAP clients occur. It is often referred to as the search base. | Yes | DC=example,DC=com |
| Bind DN or user | Credentials you are using for authentication to the LDAP Directory. Can be the user logon name or the user's email address. | Yes | bind_user or bind_user@example.com |
| Bind Password | Password for Bind DN or user. | Yes | Password123 |
Enter the values for your configuration.
Click the Check Authentication button to validate the settings. If the connection has been established successfully, the application displays the following message.
If the connection is not successful, the system displays the following message.
Click the Save and Close button when the user has been authenticated successfully. The following prompt should appear.
If there are still issues with the configuration, the following prompt appears.
Click the System Tray after the configuration is successful. If the app has lost a connection or something went wrong, the app's icon displays a red dot.
Right-click the app’s icon and select Synchronization. The Blocksi AD Synchronization – Synchronization window opens.
Select the checkboxes to the left of the OUs that you want to synchronize and click the Synchronize button. To unsynchronize an OU, just clear the checkbox to the left of the OU and click the Synchronize button.
OUs that are synchronized appear on the Blocksi Admin Dashboard in Organizations and Entities > LDAP OU.
Users that are synchronized with these OUs appear on the Blocksi Admin Dashboard in User Licenses > LDAP Users.
When an OU is synchronized, the app listens only to that OU, its ancestors, and its members (users).
Using the previous screenshot as an example, the app listens to the following OUs and users from these OUs:
OU1
OU2-2
OU3 and OU3-1
The app notifies the Blocksi Dashboard about any changes regarding users from those OUs.
Also, the app listens to OU2, as it is an ancestor of synchronized OU2-2, but listens only for changes to users in OU2-2.
After installation, the application is launched automatically after Windows logon.
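The Connection and Authentication values described above can be checked independently of the app before they are entered. The following PowerShell script is an added example, not Blocksi's code: it uses the .NET System.DirectoryServices.Protocols client, the function name Test-LdapSettings is hypothetical, and the defaults are the sample values from the table. It prompts for the bind password rather than taking it on the command line, and it warns when the unencrypted port is used against a remote host.

```powershell
# Added example (not Blocksi code): checks the Connection and Authentication
# values with the .NET LDAP client. Defaults are the page's sample values.
param(
    [string]$LdapHost = 'localhost',             # or the IP of the AD server
    [int]$Port = 636,                            # 636 = SSL, 389 = no encryption
    [string]$BaseDN = 'DC=example,DC=com',
    [string]$BindUser = 'bind_user@example.com'
)
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Test-LdapSettings {                     # hypothetical helper name
    param([string]$LdapHost, [int]$Port, [string]$BaseDN, [pscredential]$Credential)
    $useSsl = ($Port -eq 636)
    $result = [ordered]@{
        Host = $LdapHost; Port = $Port; Encrypted = $useSsl
        Bound = $false; BaseDNReadable = $false; Error = $null
    }
    if (-not $useSsl -and $LdapHost -notin @('localhost', '127.0.0.1')) {
        Write-Warning "Unencrypted bind to ${LdapHost}: the bind password crosses the network in clear text."
    }
    $id   = [System.DirectoryServices.Protocols.LdapDirectoryIdentifier]::new($LdapHost, $Port)
    $conn = [System.DirectoryServices.Protocols.LdapConnection]::new(
        $id, $Credential.GetNetworkCredential(),
        [System.DirectoryServices.Protocols.AuthType]::Basic)
    $conn.SessionOptions.ProtocolVersion = 3
    $conn.SessionOptions.SecureSocketLayer = $useSsl
    $conn.Timeout = [TimeSpan]::FromSeconds(10)
    try {
        # Bind throws on a wrong password, an unreachable host or a TLS failure.
        $conn.Bind()
        $result.Bound = $true
        # Read only the Base DN entry itself to confirm the bind account can see it.
        $req = [System.DirectoryServices.Protocols.SearchRequest]::new(
            $BaseDN, '(objectClass=*)',
            [System.DirectoryServices.Protocols.SearchScope]::Base, 'distinguishedName')
        $resp = $conn.SendRequest($req)
        $result.BaseDNReadable = ($resp.Entries.Count -eq 1)
    } catch {
        $result.Error = $_.Exception.Message
    } finally {
        $conn.Dispose()
    }
    [pscustomobject]$result
}

$cred = Get-Credential -UserName $BindUser -Message 'Bind password'
Test-LdapSettings -LdapHost $LdapHost -Port $Port -BaseDN $BaseDN -Credential $cred
```

A result with Bound and BaseDNReadable both True means the same host, port, Base DN and bind account should pass the app's Check connection and Check Authentication steps.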