Oleria’s identity security provides critical visibility into AD resources, enabling organizations to quickly identify, assess, and mitigate identity and access-related risks. As a result, it offers better support for large enterprises that rely on Active Directory (AD) for various aspects of identity and access management. Oleria’s identity security solution significantly improves Active Directory management by providing complete visibility and control over your organization’s identity and access landscape. This document provides step-by-step guidance for integrating Active Directory with your Oleria workspace.

Pre-requisites

  • Administrator permission on the Oleria workspace
  • An Active Directory Domain Joined (ADDJ) machine on which to install the Oleria AD Agent
  • Administrator permissions on the ADDJ machine

Steps to Integrate Active Directory with Oleria Workspace

  • Step 1: Create a Service Account in the Active Directory
  • Step 2: Configure event forwarding
  • Step 3: Integrate Active Directory with the Oleria workspace
  • Step 4: Install Oleria AD Agent
  • Step 5: Verify the Active Directory status from the connected applications

Step 1: Create a Service Account in the Active Directory

Create an Active Directory Service Account and grant read-only permissions.
  1. Log in to Active Directory and create a new user, for example, Oleria Read Admin.
  2. Open your AD Domain → select Delegate Control.
  3. Select the user, then grant the following read permissions:
     • Read all user information
     • Read all inetOrgPerson information
  4. The account will be automatically added to the Domain Users group. Open the Domain Users group to verify the Service Account.
  5. Add the user to the Read-only Domain Controller group.

Step 2: Configure Event Forwarding

Follow the Microsoft documentation to configure Windows event forwarding.

Step 3: Integrate Active Directory with your Oleria Workspace

Log in to your Oleria workspace and select Workspace → Integrations → Active Directory. Provide a name for your agent and click Continue. You will see a PowerShell script with a copy option. You need to execute this script on a member (domain-joined) server where you want to install the Oleria AD Agent.

Step 4: Install Oleria AD Agent

Log in to the ADDJ machine, open PowerShell with administrator privileges, and run the script downloaded from step 2. You will see the Oleria AD Agent installation process. Accept the license terms and select Next. On the next page, provide the following:
  • Username: Provide the Service Account name created in step 1
  • Password: Provide the Service Account password
  • DomainName: Provide your domain name. For example, if your domain name is example.local, provide dc=example,dc=local
  • DomainUrl: Provide your domain controller IP address
Select Next, and follow the prompts to complete the installation. Once the installation is completed, you will see an **OleriaADConnectAgent service** in the services.

Step 5: Verify the Active Directory status from the connected applications

Log in to your workspace → connected integrations → Active Directory → select View Details to open the side pane and view the agent health status.
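
A local check to run on the ADDJ machine once the steps above are done, as an added example (not Oleria's code): it prints the DomainName value in the format the installer expects, confirms the service account holds the groups from Step 1 and no privileged ones, and reports the agent service state. The logon name `svc-oleria-read` is a hypothetical placeholder, the privileged-group list is an assumption, and the service is matched by pattern because the page gives only the label OleriaADConnectAgent.

```powershell
# Added example, not Oleria's code. Needs the ActiveDirectory module (RSAT).
param(
    [string]$SamAccountName = 'svc-oleria-read'  # hypothetical logon name, replace with yours
)
Import-Module ActiveDirectory -ErrorAction Stop

# Build the installer's DomainName value: example.local -> dc=example,dc=local
function ConvertTo-DomainDn([string]$DnsName) {
    ($DnsName.Split('.') | ForEach-Object { "dc=$_" }) -join ','
}
Write-Output "DomainName field: $(ConvertTo-DomainDn (Get-ADDomain).DNSRoot)"

$user = Get-ADUser -Identity $SamAccountName

# Direct memberships; this call includes the primary group (Domain Users).
$direct = @(Get-ADPrincipalGroupMembership -Identity $user | ForEach-Object Name)

# Nested memberships via the LDAP_MATCHING_RULE_IN_CHAIN matching rule.
# Assumes the account DN has no characters that need LDAP filter escaping.
$filter = "(member:1.2.840.113556.1.4.1941:=$($user.DistinguishedName))"
$nested = @(Get-ADGroup -LDAPFilter $filter | ForEach-Object Name)
$all    = @($direct + $nested | Sort-Object -Unique)

# Groups Step 1 says the account should be in.
foreach ($g in 'Domain Users', 'Read-only Domain Controllers') {
    if ($all -contains $g) { Write-Output "OK       member of '$g'" }
    else { Write-Warning "Missing  '$g' (see Step 1)" }
}

# Assumed list of built-in privileged groups a read-only account should not hold.
$privileged = 'Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators',
              'Account Operators', 'Backup Operators', 'Server Operators'
$excess = @($all | Where-Object { $privileged -contains $_ })
if ($excess.Count) { Write-Warning "Over-privileged: $($excess -join ', ')" } else { Write-Output 'OK       no privileged group membership found' }

# The page names the service OleriaADConnectAgent; match on either name field.
$svc = @(Get-Service | Where-Object { $_.Name -like '*Oleria*' -or $_.DisplayName -like '*Oleria*' })
if (-not $svc) { Write-Warning 'No Oleria service found (see Step 4)' }
foreach ($s in $svc) { Write-Output "Service  $($s.Name): $($s.Status)" }
```

Any warning about privileged groups means the account has more than the read-only access Step 1 describes and should be corrected before the agent uses it.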

Contact Us

For questions about this integration, please contact us at support@oleria.com.