Active Directory Integration


MyDLP, as a data leakage prevention solution, can analyze data transfers or residing data according to their source. For example, you can create a policy specific to an IP address by using a Network object. For detailed information, see this tutorial: Policy Rules. Another way of specifying the source for rules is to use Active Directory users. To use your Active Directory users, you have to integrate MyDLP with your Active Directory domain. The procedure is as follows:

Start the Active Directory integration by clicking the add button attached to “Active Directory Domains” in the Objects tab. You will then see this popup:

[Screenshot: ad_integration_popup]

Explanation of the fields that appear in the popup:

Domain Name: This is the fully qualified domain name (FQDN) of your domain as defined in your domain controller.
IP Address of DC: This is the IP address or the resolvable hostname of the AD domain controller. If you have more than one domain controller in your domain, enter the primary domain controller's IP or hostname. If you have more than one domain with separate domain controllers, you need to integrate them separately.
NetBIOS Name: NetBIOS name of your domain controller.
Login Username: This is the username of an account that has the privilege to enumerate all users and groups in your AD domain. For security reasons, it is better to create a separate account for the integration, one with no administrative privileges.
Login Password: This is the password of the username entered above.
Aliases: If you have a domain alias for email addresses, you can add it by clicking the “Plus Sign”. You can add more than one alias.
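
One way to set up and check the separate, non-administrative account recommended for the Login Username field, as an added PowerShell example that is not part of the original post or of MyDLP. The account name `svc-mydlp`, the OU path and the list of groups treated as privileged are assumptions, and the script assumes default domain permissions, under which an ordinary authenticated user can already read user and group objects.

```powershell
# Added example, not from the original post. Requires the ActiveDirectory module (RSAT).
# Assumed values: account name, OU path and the list of groups treated as privileged.
Import-Module ActiveDirectory

$SamName    = 'svc-mydlp'                                  # hypothetical account name
$OuPath     = 'OU=Service Accounts,DC=example,DC=local'    # hypothetical OU
$Privileged = @('Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators',
                'Account Operators', 'Server Operators', 'Backup Operators')

# Create the account only if it does not exist yet; the password is prompted for,
# never hard-coded. No group memberships or delegated rights are added.
$User = Get-ADUser -Filter "SamAccountName -eq '$SamName'"
if (-not $User) {
    $Password = Read-Host -AsSecureString -Prompt "Password for $SamName"
    New-ADUser -Name $SamName -SamAccountName $SamName -Path $OuPath `
        -AccountPassword $Password -Enabled $true `
        -Description 'MyDLP AD integration: user and group enumeration only'
    $User = Get-ADUser -Identity $SamName
}

# Resolve direct and nested group membership with the LDAP "matching rule in chain" OID.
# The primary group (normally Domain Users) is not returned by this filter.
$Dn     = $User.DistinguishedName
$Groups = Get-ADGroup -LDAPFilter "(member:1.2.840.113556.1.4.1941:=$Dn)" |
          Select-Object -ExpandProperty Name

# Flag any privileged group the account reaches, directly or through nesting.
$Hits = @($Groups | Where-Object { $Privileged -contains $_ })
if ($Hits.Count -gt 0) {
    Write-Warning "$SamName is a member of privileged groups: $($Hits -join ', ')"
} else {
    Write-Output "$SamName holds no membership in the listed privileged groups."
}
```

Re-running the membership check after later group changes confirms the integration account has stayed unprivileged.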

After filling in these fields, test the connection to the Active Directory domain by clicking the “Test Connection” button. If everything is correct, “Successfully connected to AD server” will be returned. If it fails, check the information you entered and try again. After saving the integration by clicking the “Save” button, you will be able to see your Active Directory object as below:

[Screenshot: ad_integrated]

Now MyDLP is connected to your Active Directory domain, and you can enumerate your Active Directory users by clicking the “Enumerate Now” button. This button schedules the enumeration, and you will be able to see your users in a few minutes. After the enumeration is completed, the result will be similar to this:

[Screenshot: ad_sample]

Finally, it is time to use your Active Directory users in your policy. To do this, create an “Active Directory Object” and put your Active Directory user in it. To create an Active Directory object, click the add button attached to “User Defined” and select “User Object” -> “Active Directory Object” in the Policy tab.

As always, for any questions or comments, please comment directly on this post.

Have a good day!
