AlienVault LDAP configuration

Configuring AlienVault to work with Foxpass's LDAP server

AlienVault provides a USM appliance that can help you manage threat detection and monitor your infrastructure. The USM appliance also supports LDAP authentication for logins, which you can connect to Foxpass.

1. Follow AlienVault's Setup Guide

AlienVault's documentation on this feature can be found here:
https://www.alienvault.com/documentation/usm-appliance/user-admin/cfg-ldap-authent.htm

Once you get to the 'Login Methods/Options Values' section, fill out the fields according to these instructions.

2. Create an LDAP Binder

Create an LDAP Binder with the name 'alienvault' on the LDAP binders page. Copy/paste the generated password! It is only displayed once. The binder will allow AlienVault USM to connect to Foxpass and pull directory data and authenticate users.

3. Configure AlienVault USM for LDAP Authentication

ParameterInput Value
Remote login key
Enable LDAP for loginYes
LDAP server addressldaps://ldap.foxpass.com
LDAP server port636
LDAP server SSLYes
LDAP server TLSNo
LDAP server baseDNdc=example,dc=com
LDAP server filter for LDAP users(uid=%u)

Note: this will return all users in your directory.
LDAP Usernamecn=alienbinder,dc=example,dc=com
LDAP password for Username
Require a valid ossim user for loginYes.

Note: This feature must be enabled for AlienVault to check user authentication. Disabling this feature will result in a less secure configuration. For each user in Foxpass that needs access, you must create a user in the USM Appliance with the same username.

For the DN's that reference "dc=example,dc=com", replace with your organization's base DN. Your base DN can be found on the dashboard page.