Forests

To add a forest:

  1. In Tenable Identity Exposure, click System> Forest management.

  2. Click Add a forest on the right.

    The Add a forest pane appears.

  3. In the Name box, type the forest name.

  4. In the Account section, provide the following for the service account that Tenable Identity Exposure uses:
    • Login: Type the name of the service account.
    • Format: User Principal Name, such as “” (recommended for compatibility with Kerberos Authentication) or NetBIOS, such as “DomainNetBIOSName\SamAccountName”.
    • Password: Type the password for the service account.
  5. Note: If you must set the AD service account of Tenable Identity Exposure as a Protected Users group member, ensure your Tenable Identity Exposure configuration supports Kerberos Authentication, because Protected Users cannot use NTLM authentication.
  6. Click Add.

    A message confirms the addition a new forest.

To edit a forest:

  1. In Tenable Identity Exposure, click System> Forest management.

  2. In the list of forests, hover over the forest you want to modify and click the icon on the right.

    The Edit a forest pane appears.

  3. Make the necessary modifications.

  4. Click Edit.

    A message confirms that Tenable Identity Exposure updated the forest.