The group creation process is the same as for manual groups, the only difference being that you must select Automatic (based on Active Directory) in Group type.
The process of generating and updating subgroups in an automatic group based on Active Directory takes place automatically for every computer that is assigned to that type of group. The action sequence is the following:
The administrator moves a computer to an automatic group based on Active Directory manually, or assigns it to it when installing the protection.
The Adaptive Defense 360 agent retrieves information from the Active Directory structure that the computer belongs to: Organizational unit, PC name, etc.
This information is sent to the Adaptive Defense 360 server. On the server, the solution checks to see if the subgroup that corresponds to the organizational unit exists in the console:
If it doesn't, it creates it automatically and moves the computer to the newly created subgroup. The Default protection profile is assigned to the computer.
It it does, the computer is moved to it.
The subgroup tree that hangs from an automatic group based on Active Directory is automatically updated whenever a computer that belongs to it is moved to another Active Directory organizational unit. Adaptive Defense 360 will create the new subgroup if required and will move the computer to it.
No specific configuration is required in Active Directory, in the Adaptive Defense 360 agents installed, or in the administration console. Each agent retrieves the necessary information from the Active Directory structure that the computer belongs to, and sends it automatically to the Adaptive Defense 360 server, which updates the tree displayed in the console.
Changes are sent from the Adaptive Defense 360 agent to the server according to the configuration established in the Server connection settings section of the protection profile assigned to the computer.
It may be necessary to manually import the Active Directory structure in the following scenarios:
Not all computers on the network have an Adaptive Defense 360 agent installed capable of reporting the organizational unit that they belong to. Despite this, the administrator needs to have the entire Active Directory structure replicated in the administration console.
The administrator wants to have the entire group and subgroup structure from the start without having to start deploying the Adaptive Defense 360 agents.
After you create a group you are taken to the edit window.
Click Import to load a previously exported Active Directory structure in CSV format.
The file to import must have the following format:
It must be a file with a .CSV extension
Every line in the file must include the group and, optionally, the profile associated with the group. Both values must be tab-separated, for example: “Group Path” tab “Profile Name” [Optional]
activedirectory.org ProfileName
activedirectory.org\Domain Controllers ProfileName
activedirectory.org\Computers ProfileName
activedirectory.org\OrganizationUnit1 ProfileName activedirectory.org\OrganizationUnit1\Departament1 ProfileName activedirectory.org\OrganizationUnit1\Departament2 ProfileName
When importing the file, a link is displayed with information about how to create a .CSV file for import purposes.
Related topics