
Authenticated Bind

THREATQ REQUIRED PERMISSIONS

Default ThreatQ Role: Administrative or Maintenance
Custom Role - Action Permissions: Administrative Functions - Edit User Management

It is recommended that you contact ThreatQ Support before configuring an authenticated bind connection.

Only users with an Administrative or Maintenance account can access LDAP settings.

  1. Navigate to Settings > User Management.
  2. Click on the LDAP option and select the Authenticated Bind LDAP Settings tab.

  3. Complete the Server Connections Settings section:
    Field: Description
    Account Suffix: The LDAP account suffix.
    Host Address: Name of the LDAP domain controller without the protocol.
        Example: tqldap.threatq.com
    Port Number: The LDAP port; either 636 or 389.
        Only standard ports for secured and unsecured connections are supported. Use port 636 if using SSL to create a secured connection.
    Admin Username: The LDAP administrative username.
    Admin Password: The LDAP administrative password.
  4. After you populate the Server Connections Settings fields, click the Test Connections button to verify the settings are correct.
  5. Complete the LDAP Schema section:
    Field: Description
    Base DN: The Base DN of the LDAP server connection.
        Example: DC=[server], DC="com"
    DN Field Name: The field used to retrieve the DN of users and groups.
        This field should be DN for both OpenLDAP and Active Directory.
    User Search Filter: The field to search for users.
        For OpenLDAP: objectClass=posixAccount
        For Active Directory: objectClass=user
    Group Search Filter: The field to search for groups.
        For OpenLDAP: objectClass=posixGroup
        For Active Directory: objectClass=group
    Primary Group Name: The primary group name.
    Group Member Field Name: This field is used to search for groups that a user belongs to.
        For OpenLDAP: cn
        For Active Directory: memberof
    User ID Key Field Name: Field used to search for users based on email.
        For OpenLDAP: uid
        For Active Directory: sAMAccountName
    User Group Member Key Field Name: Field used to search for groups that a user belongs to.
        For OpenLDAP: memberUid
        For Active Directory: uid
  6. Under the Protocols section, use the Yes/No toggle switch to select whether the connection will use SSL.

    If the connection will use SSL, confirm that the port number, set in step 3, is 636 to create a secured connection.

  7. Complete the MAP your Permission Levels to LDAP section:

    You cannot use the same LDAP User Group for multiple permission levels. For roles that are not mapped, enter a hyphen ("-"). You cannot save the configuration without entering a value in each field.

    Field: Description
    Maintenance Account: The LDAP account the ThreatQ Maintenance group will map to for permissions.
        OpenLDAP Example: ldapSuper
        AD Example: CN=tq-maintenance,CN=Builtin,DC=yourdomain,DC=com
    Administrative Access: The LDAP account the ThreatQ Administrative group will map to for permissions.
        OpenLDAP Example: administrator
        AD Example: CN=linux-admins,CN=Builtin,DC=yourdomain,DC=com
    Primary Contributor Access: The LDAP account the ThreatQ Primary Contributor group will map to for permissions.
        OpenLDAP Example: ldapAnalyst
        AD Example: CN=linux-admins,CN=Builtin,DC=yourdomain,DC=com
    Read-Only Access: The LDAP account the ThreatQ Read-Only group will map to for permissions.
        OpenLDAP Example: ldapObserver
        AD Example: CN=read-only,CN=Builtin,DC=yourdomain,DC=com
  8. Use the Connect To Receive Data section to connect to your LDAP server using the settings on this page and pull group information and user lists.
  9. Click Save.
  10. Click the Enable/Disable toggle switch to enable LDAP.

    Green indicates the feature is active.
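
The rules in steps 3, 6 and 7 (host without protocol, port 389 or 636, port 636 when SSL is on, a value in every mapping field, no LDAP group reused across permission levels) can be checked before the values are entered. The following is an added example, not ThreatQ code: the dictionary keys and function name are hypothetical, the sample is constructed from the AD example values above, and the DN comparison is a simplification that ignores only case and whitespace.

```python
import re

# Hypothetical key names for the four permission levels; not ThreatQ's API.
ROLES = ("maintenance", "administrative", "primary_contributor", "read_only")
UNMAPPED = "-"  # the page's placeholder for a role with no LDAP group

def validate_ldap_settings(cfg):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    host = cfg.get("host", "").strip()
    if not host:
        problems.append("host: empty")
    elif re.match(r"[a-z][a-z0-9+.-]*://", host, re.I):
        problems.append("host: remove the protocol prefix")
    port, use_ssl = cfg.get("port"), bool(cfg.get("ssl"))
    if port not in (389, 636):
        problems.append("port: only 389 and 636 are supported")
    elif use_ssl and port != 636:
        problems.append("port: SSL is on, so the port must be 636")
    elif port == 636 and not use_ssl:
        problems.append("ssl: port 636 is set but the SSL toggle is off")
    seen = {}  # normalized group -> first role that claimed it
    for role in ROLES:
        group = cfg.get("role_map", {}).get(role, "").strip()
        if not group:
            problems.append(f"{role}: empty, enter a group or '{UNMAPPED}'")
        elif group != UNMAPPED:
            # Simplified DN normalization: drop spaces around , and =, fold case.
            key = re.sub(r"\s*([,=])\s*", r"\1", group).casefold()
            if key in seen:
                problems.append(f"{role}: same group as {seen[key]}")
            else:
                seen[key] = role
    return problems

# Constructed sample: protocol left in the host, SSL on with port 389,
# one group reused under a different spelling, one mapping left blank.
SAMPLE = {
    "host": "ldap://tqldap.threatq.com", "port": 389, "ssl": True,
    "role_map": {
        "maintenance": "CN=tq-maintenance,CN=Builtin,DC=yourdomain,DC=com",
        "administrative": "CN=linux-admins,CN=Builtin,DC=yourdomain,DC=com",
        "primary_contributor": "cn=linux-admins, CN=Builtin, DC=yourdomain, DC=com",
        "read_only": "",
    },
}

if __name__ == "__main__":
    for problem in validate_ldap_settings(SAMPLE):
        print(problem)
```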