This guide explains how to register a Domain-type discovery on the Segura platform, enabling automatic detection of assets related to Active Directory, such as accounts, devices, and services.
Access path
- Click Management in the left-hand menu.
- Select Discovery.
- Click Add and select Domain.
Fill in the initial settings
- Enter a unique name in the Name field.
- Select the Domain.
- Fill in the DN Base field.
- Set the Active option to Yes or No.
- Click Continue.
Configure access credentials
- Under Access using credential from vault, do the following:
  - Select the Access credential stored in the vault.
  - Choose the Network Connector if applicable.
  - Provide the Configuration password (e.g., enable) if needed.
  - Enable Force sudo use if privileged commands are required.
- Under Access using pool of credentials, click Add and select one or more available pools.
- Click Continue.
Select search objects
- Choose the objects you want to discover:
  - Search for credentials
  - Search for device groups
  - Search for certificates
  - Find DevOps artifacts
  - Monitor unauthorized access (1-hour intervals)
  - Identify accounts in application pool (IIS)
  - Search FQDN on Windows devices
- Click Continue.
Define search parameters
- Select the Account form.
- Fill in the DN filters if needed:
  - DN of the credential filter (leave blank to use DN Base)
  - DN of the device filter (leave blank to use DN Base)
- Configure the LDAP attributes:
  - Account name attribute*
  - Hostname attribute
  - Account domain*
  - Account domain (Short Name)
- Set the toggles as needed:
  - Use SSL?
  - Bind requires DN?
  - Member is DN?
- Fill in DN Bind if applicable.
- Click Continue.
Apply search filters
- Under Credential filter, click Add to set filters.
- Under Device filter, click Add to define specific rules.
- Under Plugins for discovery, click Add to configure plugins and ports.
- Click Continue.
Configure Windows asset collection
- Select the components to discover:
  - Managed service accounts
  - Accounts linked to Windows service accounts
  - Scheduled tasks
  - IIS application pools
  - SCOM Run As account
  - COM+ applications
- Click Continue.
Select Active Directory objects
- Choose which AD objects to include:
  - Search user accounts
  - Search managed service accounts
  - Search credentials used as service accounts
  - Search security groups
  - Search domain controllers
  - Search computers (devices)
- Click Continue.
Set execution rules
- Enable Keep scan active after import? if desired.
- Select the Days allowed for execution.
- Select the Periods allowed for execution.
- Set the Minimum interval between executions (in hours).
- Click Continue.
Configure import settings
- Enable Create exclusive glossary for this discovery if needed.
- Fill in the Device configuration fields:
  - Site, Vendor, Type, Product, and Tags
- Under Credential configuration, set the default and privileged credential types.
- Under Device import, choose whether to enable automatic import.
- Under Credential import, click Add to define usernames for import.
- Click Continue.
Additional tabs displayed based on search options
When you enable Search certificates or Search DevOps artifacts, additional tabs appear to configure specific search parameters.
Certificates tab
Configure the certificate discovery options:
- Certificates origin: Apache, Nginx, Tomcat, IIS, Workstation Windows, IBM Websphere, Microsoft CA, Palo Alto, Kubernetes, NetScaler.
- Search certificates in directories
- Search certificates without login
- Import all certificates automatically
- Extra settings for F5/BigIP: Configure the SOAP port.
DevOps tab
Configure DevOps tool integration:
- Ansible
  - Enable service
  - Search playbooks
  - Search roles
  - Search hosts
- Jenkins
  - Enable service
  - Access token
  - Access port
  - Search jobs
  - Search nodes
  - Search users
- Kubernetes
  - Enable service
  - Select credential
  - Access port
  - Search secrets
  - Bearer token
Review the configuration
- In the Review tab, confirm all information entered in the previous steps.
- After reviewing, click Save to register the discovery.