Absent Member.

Active Directory Authentication

I am trying to configure ArcSight Express for Active Directory authentication.  I can use the system fine using built-in authentication.  When I run the managersetup and complete the changes for Active Directory authentication, I can no longer log in using the default account and I cannot log in using Windows accounts.  I'm using the same account to log in that I used to test during the configuration.  The test succeeds during the configuration, but I am still unable to log in as that user.

Anyone have any ideas?

Thanks!

5 Replies
Cadet 2nd Class

Make sure the account you're trying to use from AD is in the users resource for ArcSight.  Once AD auth is enabled, the local accounts get disabled.

For example - if the AD account is user.account, then user.account has to be in the users in ESM. 

Absent Member.

I'm not clear on what you mean by "Make sure the account you're trying to use from AD is in the users resource for ArcSight".  Are you saying that I have to add users to ESM somehow?

Cadet 2nd Class

Yes.  So if your account in AD is "dacompton", you also have to add a user to ESM with that username.  ESM is only using AD for password authentication, so it doesn't know the username if you don't tell it. 

Absent Member.

Got it.  I recreated the users that need access and it works.  However, this needs to be corrected.  I should not have to create my user accounts in a second repository to allow AD integration.  I will pursue a fix with ArcSight.

Admiral

Actually, you can set an alternate account name in ESM to use for AD auth. So for ESM user admin you could set alternate account name foobar (which has to exist in AD) and then log in to ESM with admin and the AD password of foobar.

But you'll always have to create users in ESM, that's probably because ESM can use AD for authentication but not authorization...

Joachim
