Forests

To add a forest:

1. In Tenable Identity Exposure, click System> Forest management.

2. Click Add a forest on the right.

   The Add a forest pane appears.

3. In the Name box, type the forest name.

4. In the Account section, provide the following for the service account that Tenable Identity Exposure uses:
   • Login: Type the name of the service account.
   Format: User Principal Name, such as “” (recommended for compatibility with Kerberos Authentication) or NetBIOS, such as “DomainNetBIOSName\SamAccountName”.
   • Password: Type the password for the service account.
Note: If you must set the AD service account of Tenable Identity Exposure as a Protected Users group member, ensure your Tenable Identity Exposure configuration supports Kerberos Authentication, because Protected Users cannot use NTLM authentication.

5. Click Add.

   A message confirms the addition a new forest.

To edit a forest:

1. In Tenable Identity Exposure, click System> Forest management.

2. In the list of forests, hover over the forest you want to modify and click the icon on the right.

   The Edit a forest pane appears.

3. Make the necessary modifications.

4. Click Edit.

   A message confirms that Tenable Identity Exposure updated the forest.