Blocksi Portal

AD Synchronization

This section contains information about Blocksi assessment service and Windows deployment.

Downloading and Installing the App

  1. Download the Blocksi AD Synchronization App from the Blocksi Admin Dashboard by clicking the Profile icon > Downloads.

    Admin Action Bar User Icon - Downloads Option
  2. Move this installer to the server hosting Active Directory (or another server that can access your Active Directory server).

  3. Install the Blocksi AD Synchronization app using the provided executable installer (Blocksi AD Synchronization.exe) on your Active Directory Server. The app is launched automatically after successful installation.

    AD Sync Window
  4. Type the Super Admin Email of your Blocksi environment in the Company ID field. The Super Admin Email is listed on your Blocksi Admin Dashboard > Dashboard Settings > Administrators and Roles page.

  5. Click Login. The Blocksi AD Synchronization window opens.

    AD Sync Login Window

Configuring the Settings

  1. Click Show Settings. The Connection tab opens.

    AD Sync Connection Window
  2. Do one of the following:

    • If the application is installed locally on your Windows server, and the Encryption Method is SSL, enter the following:

      • Hostname: localhost

      • Port: 636

    • If the application is installed locally on your Windows server, and the Encryption Method is NO, enter the following:

      • Hostname: localhost

      • Port: 389

    • If the application is installed on another server that requires remote access to the Active Directory server, and the Encryption Method is SSL, enter the following:

      • Hostname: IP of server; for example, 10.123.123.12

      • Port: 636

    • If the application is installed on another server that requires remote access to the Active Directory server, and the Encryption Method is NO, enter the following:

      • Hostname: IP of server; for example, 10.123.123.12

      • Port: 389

Checking the Connections

  1. Click Check connection. If the connection has been established successfully, the application displays the following message.

    AD Sync Success Window

    If the connection is not successful, the system displays the following message.

    AD Sync Error Window
  2. Click the Authentication tab.

    AD Sync Authentication Window

    Refer to the following table for a description of these fields and their example values.

    | Field Name | Description | Required | Example Value |
    |---|---|---|---|
    | Base DN | Identifies the entry in the directory from which searches initiated by LDAP clients occur. It is often referred to as the search base. | Yes | DC=example,DC=com |
    | Bind DN or user | Credentials you are using for authentication to the LDAP Directory. Can be the user logon name or the user's email address. | Yes | bind_user or bind_user@example.com |
    | Bind Password | Password for Bind DN or user. | Yes | Password123 |

  3. Enter the values for your configuration.

  4. Click the Check Authentication button to validate the settings. If the connection has been established successfully, the application displays the following message.

    AD Sync Success Window

    If the connection is not successful, the system displays the following message.

    AD Sync Invalid Credentials Window
  5. Click the Save and Close button when the user has been authenticated successfully. The following prompt should appear.

    AD Sync Completed Authorization Window

    If there are still issues with the configuration, the following prompt appears.

    AD Sync Bad Authorization Window
  6. Click the System Tray after the configuration is successful. If the app has lost a connection or something went wrong, the app's icon displays a red dot.

    AD Sync Taskbar
    AD Sync Taskbar 2
  7. Right-click the app’s icon and select Synchronization. The Blocksi AD Synchronization – Synchronization window opens.

    AD Sync Select OUs Window
  8. Select the checkboxes to the left of the OUs that you want to synchronize and click the Synchronize button. To unsynchronize an OU, just clear the checkbox to the left of the OU and click the Synchronize button.
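
A pre-flight check for the Connection and Authentication values above, run in PowerShell on the machine where the app is installed. This is an added example, not part of Blocksi's documentation or tooling; the hostname, port and Base DN defaults are the placeholder values from this page, and the script lists only the top-level OUs under the Base DN.

```powershell
# Added example: verifies host/port reachability, the bind credentials and the Base DN
# before they are entered in the app. Parameter defaults are placeholders (assumptions).
param(
    [string]$Hostname = 'localhost',          # or the AD server's IP for a remote install
    [int]   $Port     = 636,                  # 636 = SSL, 389 = no encryption
    [string]$BaseDn   = 'DC=example,DC=com'
)

Add-Type -AssemblyName System.DirectoryServices.Protocols

# 1. Is the LDAP port reachable at all?
$tcp = Test-NetConnection -ComputerName $Hostname -Port $Port -WarningAction SilentlyContinue
if (-not $tcp.TcpTestSucceeded) {
    throw "Cannot reach ${Hostname}:$Port. Check the firewall and that the directory listens on this port."
}

# 2. Prompt for the bind account so the password never appears in the script or shell history.
$cred = Get-Credential -Message 'Bind DN or user, e.g. bind_user@example.com'
$id   = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($Hostname, $Port)
$conn = New-Object System.DirectoryServices.Protocols.LdapConnection($id)
$conn.AuthType   = [System.DirectoryServices.Protocols.AuthType]::Basic   # simple bind
$conn.Credential = New-Object System.Net.NetworkCredential($cred.UserName, $cred.Password)
$conn.SessionOptions.ProtocolVersion = 3
if ($Port -eq 636) {
    $conn.SessionOptions.SecureSocketLayer = $true
} else {
    Write-Warning "Port $Port without SSL: a simple bind sends the bind password unencrypted."
}

try {
    # 3. Bind, then list the top-level OUs under the Base DN (one level keeps the result small).
    $conn.Bind()
    $req = New-Object System.DirectoryServices.Protocols.SearchRequest(
        $BaseDn, '(objectClass=organizationalUnit)',
        [System.DirectoryServices.Protocols.SearchScope]::OneLevel, 'ou')
    $resp = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)
    Write-Host "Bind OK. $($resp.Entries.Count) top-level OU(s) under ${BaseDn}:"
    foreach ($entry in $resp.Entries) { $entry.DistinguishedName }
} catch {
    # Invalid credentials, a wrong Base DN and TLS failures all surface here.
    Write-Error "LDAP check failed: $($_.Exception.Message)"
} finally {
    $conn.Dispose()
}
```

Running it with `-Port 389` reproduces the unencrypted configuration and prints the warning; the bind account needs only read access to the directory for the listing to succeed.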

OUs that are synchronized appear on the Blocksi Admin Dashboard in Organizations and Entities > LDAP OU.

Users that are synchronized with these OUs appear on the Blocksi Admin Dashboard in User Licenses > LDAP Users.

When an OU is synchronized, the app listens only to that OU, the ancestors of that OU, and the members (users) of that OU.

Using the previous screenshot as an example, the app listens to the following OUs and users from these OUs:

  • OU1

  • OU2-2

  • OU3 and OU3-1

The app notifies the Blocksi Dashboard about any changes regarding users from those OUs.

Also, the app listens to OU2, as it is an ancestor of synchronized OU2-2, but listens only for changes to users in OU2-2.

After installation, the application is launched automatically after Windows logon.