AlienVault LDAP configuration

Configuring AlienVault to work with Foxpass's LDAP server

AlienVault provides a USM appliance that can help you manage threat detection and monitor your infrastructure. The USM appliance also supports LDAP authentication for logins, which you can connect to Foxpass.

1. Follow AlienVault's Setup Guide

AlienVault's documentation on this feature can be found here:
https://www.alienvault.com/documentation/usm-appliance/user-admin/cfg-ldap-authent.htm

Once you get to the 'Login Methods/Options Values' section, fill out the fields according to these instructions.

2. Create an LDAP Binder

Create an LDAP Binder with the name 'alienvault' on the LDAP binders page. Copy/paste the generated password! It is only displayed once. The binder will allow AlienVault USM to connect to Foxpass and pull directory data and authenticate users.

3. Configure AlienVault USM for LDAP Authentication

Parameter

Input Value

Remote login key

Enable LDAP for login

Yes

LDAP server address

ldaps://ldap.foxpass.com

LDAP server port

636

LDAP server SSL

Yes

LDAP server TLS

No

LDAP server baseDN

dc=example,dc=com

LDAP server filter for LDAP users

(uid=%u)

Note: this will return all users in your directory.

LDAP Username

cn=alienbinder,dc=example,dc=com

LDAP password for Username

Require a valid ossim user for login

Yes.

Note: This feature must be enabled for AlienVault to check user authentication. Disabling this feature will result in a less secure configuration. For each user in Foxpass that needs access, you must create a user in the USM Appliance with the same username.

For the DN's that reference "dc=example,dc=com", replace with your organization's base DN. Your base DN can be found on the dashboard page.