How to Create a Passive Identity Agent Identity Source
The following provides high-level tasks required to configure the passive identity agent identity source in the Cloud-delivered Firewall Management Center and to deploy agent software to your Microsoft Active Directory (AD) servers.
Procedure
| Command or Action | Purpose | |
|---|---|---|
Step 1 | Create a realm for your Microsoft AD domain and domain controllers. | Realms are connections between the Cloud-delivered Firewall Management Center and the user accounts on the servers you monitor. They specify the connection settings and authentication filter settings for the server. For more information, see Create an LDAP Realm or an Active Directory Realm and Realm Directory. |
Step 2 | Create a passive identity agent identity source. | The identity source allows the Cloud-delivered Firewall Management Center and passive identity agent to communicate with each other. Create standalone, primary, or secondary agents, depending on your needs. For more information, see: |
Step 3 | Create a passive identity agent user on the Cloud-delivered Firewall Management Center. | We provide a role sufficient for the agent and manager to communicate with each other. We recommend using that role and no other for the passive identity agent user. |
Step 4 | Install the passive identity agent software. | The way you install the agent depends on your deployment. You can install a passive identity agent on the AD domain controller, directory server, or on any client connected to the domain you wish to monitor. For more information, see: |
What to do next
Create an LDAP Realm or an Active Directory Realm and Realm Directory.