A Comprehensive Guide:
This document provides detailed guidance on how to configure, scan, and manage Active Directory settings within the Saner CVEM platform. Proper configuration ensures that organizational hierarchy such as accounts, groups, and devices are accurately fetched and synchronized.
1. Scan Information
1.1 Information Header
The Information Header provides a quick overview of the current Active Directory connection and scanning status. Each field is explained below:
| S.No | Item | Description |
|---|---|---|
| a) | Active Directory Server | URL address of the Active Directory (AD) server that Saner connects to. |
| b) | Connectivity | Displays the health and status of the connection between Saner and the AD server. |
| c) | Last Scan | The date and time when the last AD scan was successfully completed. |
| d) | Next Scan | The scheduled date and time for the next AD scan. |
1.2 Last Scan Result
When you initiate an Active Directory scan by clicking the Scan now button, Saner CVEM will fetch and display the organizational structure, including accounts, groups, and devices, as maintained within the Active Directory.
Visual Indicators:
Items displayed in gray color indicate entities that exist only within Saner CVEM and are not found in the current AD configuration.Viewing Device Details:
To view the devices under a particular group, simply double-click on the group. A pop-up window will display all devices contained within that group.Accept/Reject Mechanism:
Each account, group, or device retrieved can be individually marked as Accept or Reject based on whether it should be imported into Saner CVEM.
| Selected Setting | Import in Current Sync | Listed in Next AD Scan |
|---|---|---|
| Accept | Yes | Yes |
| Reject | No | Yes |
| Add to Exclude List | No | No |
Note:
If an account is set to Reject, all its child groups and devices will automatically be set to Reject.
Similarly, rejecting a group will reject all devices under that group.
After marking the appropriate selections, click Save Changes to initiate the import of the selected structure into Saner CVEM.
2. Settings Tab
The Settings tab allows administrators to configure how Saner interacts with the Active Directory server.
2.1 Active Directory Scanner
Administrators can select the preferred method for scanning the Active Directory:
| S.No | Scanner Type | Description |
|---|---|---|
| a) | Run scan from Saner server | Select this option if it is acceptable to provide AD credentials to Saner CVEM directly. Saner will use these credentials to scan the AD server and fetch hierarchy information. |
| b) | Designate Saner agent to perform Active Directory scan | Choose this option to assign an existing Saner agent (already installed on an endpoint device) to scan the AD server. You must provide AD credentials for authentication. |
| c) | Setup new Saner agent to perform Active Directory scan | If no endpoint devices have the Saner agent installed, you can download and install a new agent. This can be done per account or for all accounts collectively (a zip file with installers will be available). After installation, the selected agent will perform AD scanning. |
2.2 Active Directory Configuration
Configure the necessary parameters to enable Saner CVEM to communicate with the Active Directory server:
| S.No | Parameter | Description |
|---|---|---|
| a) | Server URL | The URL or IP address of the Active Directory server Saner should connect to. |
| b) | Connection Type | Choose between SSL (secure connection) or No SSL. If SSL is selected, an SSL certificate must be provided and optionally verified. |
| c) | Certificate | SSL certificate file that Saner will use to establish a secure connection. |
| d) | Verify SSL | If selected, Saner will validate the SSL certificate before connecting. If validation fails, the connection will not be established. |
| e) | Username | The username to authenticate with the Active Directory server. |
| f) | Password | The corresponding password for the provided username. |
2.3 Scan Schedule
Saner CVEM allows scheduled scanning of Active Directory to ensure that any organizational changes are detected in a timely manner.
| S.No | Schedule Type | Description |
|---|---|---|
| a) | Daily | An AD scan will be performed daily at the configured time. |
| b) | Weekly | AD scans will be performed on specified days of the week at a chosen time. |
| c) | Monthly | AD scans will occur on specified dates of each month at a designated time. |
2.4 Auto Sync Rules
Enabling Auto Sync ensures that changes in Active Directory are reflected automatically in Saner CVEM after every scan.
All edits made in the Active Directory hierarchy are fetched and applied to Saner’s organizational structure.
Items added to the Exclude List are ignored during synchronization.
Changes made within Saner (such as modifying accounts or groups) do not affect the Active Directory server — Saner only imports changes, it does not export them.
2.5 Exclude List
The Exclude List allows administrators to prevent certain accounts, groups, or devices from being imported during synchronization.
After a scan, use the drop-down menu to add items to the Exclude List.
Items can also be removed later if required.
Items on the Exclude List are skipped during future scans and are not imported into Saner CVEM.
3. Logs
The Logs section provides a complete audit trail of all activities related to Active Directory interactions.
Each log entry includes details such as:
Job Code: Unique identifier for the operation.
Date: Timestamp when the activity occurred.
Organization and Account: The organization and account involved.
User: The user who initiated the activity.
Message: A detailed message describing the action.
Example of logs:
Users can apply filters to the log view based on:
Account
User
Date Range
Limit on the number of lines displayed
This helps in quickly locating specific entries for troubleshooting or compliance purposes.
Conclusion
By following the configuration and management steps outlined in this guide, administrators can seamlessly integrate their Active Directory environment with Saner CVEM. Regular scans, proper handling of Accept/Reject states, usage of Auto Sync, and monitoring through logs will ensure accurate representation of the organizational structure and maintain synchronization between Active Directory and Saner CVEM.
Should you require any further assistance or clarification, please feel free to reach out to our support team.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article