Prerequisites for Active Directory

Verify the following is set up for crawling.

Crawling and Permission Collection Prerequisites

Active directory SSL is recommended; but requires a SSL certificate which will need to be upload the to Data Access Security. Non-ssl is enabled by default.

If utilizing SSL:

Enable 636 port inbound rule on the firewall on all Active Directory Domain Controllers.

If utilizing non-SSL:

Enable 389 port inbound rule on the firewall on all Active Directory Domain Controllers.

Note

Data Access Security does not support custom ports. You must utilize default ports to properly connect to Active Directory

Lastly, two Virtual Appliances need to be installed. When creating a virtual appliance for Active Directory, be sure to select the Data Access Security - Resource Crawler and the Data Access Security - Permission Collection under Type.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.