In a case, that same default user is set on more than one station, it is convenient to set changing a password for default user in Active Directory domain. When all is set correctly, after the change of password of LDAP user, SecureAnyBox LDAP Agent checks all registered stations and where the user to whom the password changed is set as default, the SecureAnyBox LDAP Agent changes a password for the station.
To update a password for default user in Active Directory domain, please follow these steps:
Set Agent configuration for stations. In Agent configuration for LDAP platform set field Change password of to value default users in domain .
If you not have set App URL in general configuration of SecureAnyBox, is necessary to set it in the Agent Configuration. App URL have to be accessible from the internet (out of local network). Without setting of App URL, the SecureAnyBox Agent can have problems with connection to SecureAnyBox server.
Configure LDAP Agent. In LDAP Agent select Active Directory as Directory service and prepare Active Directory server.
Into LDAP Agent select the Agent Configuration, which you created in the first step.
Into a field Default user domain enter Active Directory domain name into which default user belongs, and if necessary, modify the User id attribute . Please configure other required values in LDAP Agent form and create LDAP Agent by clicking on the OK button. To apply the LDAP Agent is necessary restarting SecureAnyBox.
At the Downloads page, please select the Agent Configuration created in a first step and download the SecureAnyBox Agent and it’s configuration.
Please set default user on your station.
Install SecureAnyBox Agent on a station.
After successful installation of SecureAnyBox Agent, a station should be automatically registered in the SecureAnyBox. Please check at the Stations page, that registration of the station ran successfully.
While registering, the SecureAnyBox Agent (for Windows) if the default user is enabled, sends default user information when registering (including domain if it is a domain user). If the default user is a domain user, the SecureAnyBox Agent does not set the password – because it does not have permission to change the password of a domain user. In that case, a password of a domain user is set by the LDAP Agent.
The LDAP Agent scans all registered stations and retrieves from them default users whose domain is the same as default user domain specified in the LDAP Agent configuration. LDAP Agent generates and sets new passwords for these default users. This process takes place when you start the SecureAnyBox server, then every hour and after click on the Execute button.
