Domain controller polling

December 9, 2024

ID 166185

Kaspersky Security Center Cloud Console supports polling of a Microsoft Active Directory domain controller and a Samba domain controller only by using a distribution point.

Kaspersky Security Center Cloud Console allows you to poll a Samba domain controller only by using a Linux distribution point. For a Samba domain controller, Samba 4 is used as an Active Directory domain controller.

When you poll a domain controller, a distribution point retrieves information about the domain structure, user accounts, security groups, and DNS names of the devices that are included in the domain. Domain controller polling is performed according to a schedule that you set.

Prerequisites

Before you poll a domain controller, ensure that the following protocols are enabled:

  • Simple Authentication and Security Layer (SASL)
  • Lightweight Directory Access Protocol (LDAP)

Ensure that the following ports are available on the domain controller device:

  • 389 for SASL
  • 636 for TLS

Domain controller polling by using a distribution point

You can also poll a domain controller by using a distribution point. A Windows- or Linux-based managed device can act as a distribution point.

For a Linux distribution point, polling of a Microsoft Active Directory domain controller and a Samba domain controller are supported.
For a Windows distribution point, only polling of a Microsoft Active Directory domain controller is supported.
Polling with a Mac distribution point is not supported.

To configure domain controller polling by using the distribution point:

  1. Open the distribution point properties.
  2. Select the Domain controller polling section.
  3. Select the Enable domain controller polling option.
  4. Select the domain controller that you want to poll.

    If you use a Linux distribution point, in the Poll specified domains section, click Add, and then specify the address and user credentials of the domain controller.

    If you use a Windows distribution point, you can select one of the following options:

    • Poll current domain
    • Poll entire domain forest
    • Poll specified domains
  5. Click the Set polling schedule button to specify the polling schedule options if needed.

    Polling starts only according to the specified schedule. Manual start of polling is not available.

After the polling is completed, the domain structure will be displayed in the Domain controllers section.

If you set up and enabled device moving rules, the newly discovered devices are automatically included in the Managed devices group. If no moving rules have been enabled, the newly discovered devices are automatically included in the Unassigned devices group.

The discovered user accounts can be used for domain authentication in Kaspersky Security Center Cloud Console.

Viewing the results of domain controller polling

To view the results of domain controller polling:

  1. In the main menu, go to Discovery & deployment DiscoveryDomain controllers.

    The list of discovered organizational units is displayed.

  2. Select an organizational unit, and then click the Devices button.

    The list of devices in the organizational unit is displayed.

You can search the list and filter the results.

See also:

Network polling

Scenario: Discovering networked devices

');
Kaspersky Endpoint Security for Business Advanced: Adaptive security of your company
Web and device controls. Data encryption. Centralized and convenient management from a single console.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).