Jump to:
Summary
The install of the Active Directory Domain Sync Tool is performed similarly to any Windows application.
* Create Virtru users group
* Create Virtru admins group
* Run the Installer
* Modify the configuration
* Set the Schedule
* Start the service
Install Steps
- Download the latest installer - Link to Installer
- Run the MSI as a local administrator
- Run the Installer as an Administrator
- Use defaults unless otherwise instructed.
Modify Configuration
- Run Notepad as an Administrator
- File
- Open
- Navigate to: C:\ProgramData\Virtru\ActiveDirectorySync\Config
- Open: LDAPQueries.json
Notepad
LDAPQueries.json
- Modify the Queries to match the required set of users.
- Update LDAP query to include all users who will be a licensed Virtru User
- Update LDAP query to include all licensed users who are also Virtru Admins
Items to Note
Its is important to verify this LDAP query using active directory users and computers first before saving them in the LDAP .json file.
Validate Keys
- Enter Token ID (Provided by Virtru)
- Enter Token Password (Provided by Virtru)
- Click Verify
- Once Credentials are verified click Save
- Domain sync will kick off automatically once saved
Example LDAP Queries
Virtru Users
Virtru Users are all users who will use Virtru.
- All Users in the Group "Virtru-Users1". This is the standard query that pulls all users and group associations within the Virtru Users group.
- (&(objectclass=user)(memberOf=cn=Virtru-Users1,OU=L2,OU=L1,DC=domain,DC=local))
- All Users in the Group "Virtru-Users1". Recursive (This query pulls groups placed within the Virtru-Users Group)
- (&(objectclass=user)(memberOf:1.2.840.113556.1.4.1941:=cn=Virtru-Users1,OU=L2,OU=L1,DC=domain,DC=local))
- All Users in the Group "Virtru Users 1" or "Virtru Users 2". Recursive (This query pulls all groups with the Virtru-Users naming format if there are multiple groups created for Virtru-Users)
- (&(objectclass=user)(|(memberOf:1.2.840.113556.1.4.1941:=cn=Virtru-Users1,OU=L3,OU=L1,DC=domain,DC=local)(memberOf:1.2.840.113556.1.4.1941:=cn=Virtru-Users2,OU=L2,OU=L1,DC=domain,DC=local))
Virtru Admins
Virtru Admins is defined as a Virtru Admin and a Virtru User. Virtru Admins must be a part of the Virtru-Users group in order to be licensed to use Virtru.
- All Virtru Users in the Group "Virtru-Admins1"
- (&(objectCategory=group)(Name=Virtru-Admins1))
- All Virtru Users in the Group "Virtru-Admins1" or "Virtru-Admins2"
- (&(objectCategory=group)(|(Name=Virtru-Admins1)(Name=Virtru-Admins2)))
Items to Note
If the tool is installed on a Domain Controller (DC) a domain account must be set as the service account.
Attached
- Default - LDAPQueries.json
- Default - schedule.txt