Faddom can seamlessly connect to your Active Directory servers to populate the User Inventory. Using this, it can identify which users are accessing which servers as well as assist with AD management. It provides an intuitive interface that allows you to view your groups and their members and also highlights any empty groups. This functionality helps streamline Active Directory management by facilitating group cleanup and offering valuable insights such as identifying the top users per server and tracking which users are accessing your applications via the Client icon on maps.
To use this feature, Faddom requires access to your Active Directory. If Faddom is deployed on Linux (via OVA or the Cloud Marketplace), a Windows Proxy is required to perform this task. You can follow the guide How to Setup the Faddom Proxy to do this. This step must be completed before configuring the Active Directory connection. However, if you already have a proxy set up—for example, for the Software Discovery feature—you can use the existing proxy without needing an additional one.
Setting Up Discovery
Go to Settings > User Discovery
Click Add Active Directory Domain
Add the required details. You will need to do this per domain if you have multiple domains.
The user you wish to use needs to be a member of the Event Log Readers Group, as the information is gathered via the AD Event Log.
Detect DCs Automatically - Faddom will try to resolve the domain name to get a list of domain controllers. Alternatively, you can specify which domain controllers to connect to manually.
Enable Discovery - This should be toggled on to populate this data.
Ports 135 and 445 need to be opened from the Faddom proxy to the domain controllers. For more information, see What ports need to be open for Faddom to function?
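The prerequisites above can be checked from the Windows proxy before enabling discovery. The following script is an added example, not part of Faddom: it assumes the RSAT ActiveDirectory module is installed, the domain and account names are placeholders, and the DNS SRV lookup is this script's own way of finding domain controllers.

```powershell
# Pre-flight check for the prerequisites listed above. Run on the Faddom Windows proxy.
# Assumptions: RSAT ActiveDirectory module is installed; default values are placeholders.
param(
    [string]$Domain  = 'corp.example.com',   # placeholder domain name
    [string]$Account = 'svc-faddom'          # placeholder sAMAccountName of the discovery user
)

Import-Module ActiveDirectory -ErrorAction Stop

# Find domain controllers through the standard AD SRV record.
# The response can carry extra A records, so keep only the SRV entries.
$dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -ExpandProperty NameTarget -Unique

# Ports 135 and 445 must be reachable from the proxy to every domain controller.
$portResults = foreach ($dc in $dcs) {
    foreach ($port in 135, 445) {
        $t = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $dc
            Port             = $port
            Reachable        = $t.TcpTestSucceeded
        }
    }
}
$portResults | Format-Table -AutoSize

# The account must be in Event Log Readers, directly or through nested groups.
$members  = Get-ADGroupMember -Identity 'Event Log Readers' -Server $Domain -Recursive
$isReader = $members.SamAccountName -contains $Account
'{0} is a member of Event Log Readers: {1}' -f $Account, $isReader

# Exit non-zero so the check can gate a deployment step.
if (($portResults.Reachable -contains $false) -or -not $isReader) {
    Write-Warning 'One or more prerequisites are not met.'
    exit 1
}
```

Run it once per domain, since each domain is added to Faddom separately.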
Viewing the Results
Inventory
You can see the Users and Groups in the Faddom Inventory. You will see here a list of groups that can be expanded to see the users in each group, and by clicking on a user, you can see which other groups they are a member of. You do this by selecting Users or Groups and opening the properties of the relevant Active Directory object.
Additionally, Faddom is able to show you which users have higher permissions (e.g. domain admin) as well as any empty groups in your AD.
Search
You can use the Search function to search by user. Performing this search will show which servers and applications a user has accessed, as well as when the login occurred. To do this, enter a username and it will begin to autofill. Click on the username and you will see a screen similar to the one below.
Server Properties
You can also see the users Faddom found for a server by going to the Server Properties and opening the Security tab.
Click on a server from a map or search, or click on the properties icon from any list view
Click to expand the properties
Click on the Security tab where you will be presented with the information
You will see the Security Dashboard for that server
You will see a list of users and by clicking on one, you will get to the User Profile
User Profile
When you open the user profile, you have two tabs:
User Activity which shows the applications and servers the user accessed
User Details which shows the details recorded in Active Directory, including name, email address, location, groups and manager