Oleria’s identity security provides critical visibility into AD resources, enabling organizations to quickly identify, assess, and mitigate identity and access-related risks. As a result, it offers better support for large enterprises that rely on Active Directory (AD) for various aspects of identity and access management. Oleria’s identity security solution significantly improves Active Directory management by providing complete visibility and control over your organization’s identity and access landscape. This document provides step-by-step guidance for integrating Active Directory with your Oleria workspace.

Prerequisites

  • Administrator permission on the Oleria workspace
  • An Active Directory Domain Joined (ADDJ) machine to install the Oleria AD Agent
  • Administrator permissions on the ADDJ machine

Create a Service Account in Active Directory

Create an Active Directory Service Account and grant read-only permissions.
1

Create a new user

Log in to Active Directory and create a new user, for example, Oleria Read Admin.
2

Delegate control

Open your AD Domain and select Delegate Control. Select the user, then grant the following read permissions:
  • Read all user information
  • Read all inetOrgPerson information
3

Verify group membership

The account will be automatically added to the Domain Users group. Open the Domain Users group to verify the service account.
4

Add to Read-only Domain Controllers

Add the user to the Read-only Domain Controller group.

Configure Event Forwarding

Follow the Microsoft documentation to configure Windows event forwarding.

Integrate Active Directory with Oleria

1

Open the integration

Log in to your Oleria workspace and select Workspace → Integrations → Active Directory.
2

Name your agent

Provide a name for your agent and select Continue.
3

Copy the installation script

You will see a PowerShell script with a copy option. Copy and execute this script on a member (domain-joined) server where you want to install the Oleria AD Agent.

Install the Oleria AD Agent

1

Run the installation script

Log in to the ADDJ machine, open PowerShell with administrator privileges, and run the script copied from the previous section.
2

Accept the license terms

You will see the Oleria AD Agent installation process. Accept the license terms and select Next.
3

Provide the service account details

On the next page, provide the following:
  • Username - the service account name created above
  • Password - the service account password
  • DomainName - your domain name (for example, if your domain is example.local, provide dc=example,dc=local)
  • DomainUrl - your domain controller IP address
Select Next and follow the prompts to complete the installation.
4

Confirm installation

Once the installation is completed, you will see an OleriaADConnectAgent service in the services list.
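The following PowerShell check is an added example, not part of Oleria's installer or documentation: it confirms that the service account holds only the group memberships this guide sets up, derives the DomainName value from the domain's DNS name, and reports the agent service status. The account name `oleria-read-admin` is a placeholder, and the group names assume the default English names in your directory.

```powershell
# Added example, not Oleria's code. Needs the ActiveDirectory module (RSAT).
param(
    # Assumption: the sAMAccountName of the service account you created (placeholder).
    [string]$ServiceAccount = 'oleria-read-admin',
    # Service name as shown in the services list after installation.
    [string]$AgentService   = 'OleriaADConnectAgent'
)
Import-Module ActiveDirectory -ErrorAction Stop

# Direct memberships this guide sets up; anything else is unexpected.
$expected = 'Domain Users', 'Read-only Domain Controllers'
$user     = Get-ADUser -Identity $ServiceAccount -Properties adminCount
$direct   = @(Get-ADPrincipalGroupMembership -Identity $user | ForEach-Object Name)
$extra    = @($direct | Where-Object { $_ -notin $expected })
$missing  = @($expected | Where-Object { $_ -notin $direct })

# Transitive memberships via the LDAP "in chain" matching rule, to catch a
# privileged group reached through nesting. Escape filter metacharacters in the DN.
$dn = $user.DistinguishedName -replace '\\', '\5c' -replace '\*', '\2a' `
        -replace '\(', '\28' -replace '\)', '\29'
$nested = @(Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$dn)" |
            ForEach-Object Name | Where-Object { $_ -notin $direct })

# DomainName in the form the installer asks for: example.local -> dc=example,dc=local
$domainDn = ((Get-ADDomain).DNSRoot.Split('.') | ForEach-Object { "dc=$_" }) -join ','

$svc = Get-Service -Name $AgentService -ErrorAction SilentlyContinue

[pscustomobject]@{
    Account            = $user.SamAccountName
    Enabled            = $user.Enabled
    MissingGroups      = $missing -join '; '
    UnexpectedGroups   = $extra -join '; '
    NestedGroups       = $nested -join '; '
    # adminCount = 1 means the account is or was in an AdminSDHolder-protected group.
    AdminCountSet      = ($user.adminCount -eq 1)
    DomainNameForAgent = $domainDn
    AgentServiceStatus = if ($svc) { $svc.Status } else { 'NotInstalled' }
} | Format-List
```

Empty MissingGroups, UnexpectedGroups and NestedGroups fields with AdminCountSet reported as False indicate the account matches the read-only setup described above.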

Verify the Integration

Log in to your workspace → Connected Integrations → Active Directory → select View Details to open the side pane and view the agent health status.

Contact us

For questions about this integration, contact us at support@oleria.com.