LDAP Servers with Multiple OUs
Tenable’s SecurityCenter LDAP configuration does not support the direct addition of multiple Organizational Units (OUs) in the LDAP configuration screen. Two deployment options are possible for those with multiple OUs.
Option 1 (Recommended)
- Add a container (e.g., group) only for SecurityCenter users.
- Allow existing Active Directory users to become members of the newly created group.
- Use the Distinguished Name (DN) of this group as the Search Base. For example: CN=SecurityCenter,DC=target,DC=example,DC=com.
When you complete these changes, new users who are members of this group can log in immediately. No restart is required.
- Log in as an admin user.
- Click System > Configuration > LDAP.
- Log out as the admin user.
- Log in as the organizational user who manages the user in question.
- Create the new user and set the LDAP Search String as =*.
Use a high-level Search Base in the LDAP configuration. For example: DC=target,DC=example,DC=com.
The example above could be used along with a Search String for global usage. As another example, you might use this search string, which, when used in the configuration, applies to all LDAP searches:
Note: This option is limited to 128 characters.