Connecting ZoneFox to Active Directory (AD)
FAQ
When creating new custom rules, or creating new users, searching for AD groups or users doesn't return any results.
The ZoneFox website needs to be configured to connect to your AD. This is done in the C:\inetpub\wwwroot\InquisitiveSystems\ZoneFox\web.config file.
Firstly, add your required Active Directory Connection details, for example:
<!--Active Directory Connections-->
<add key="ad-con-str" value="<LDAP_URL>" />
<add key="ad-user" value="<UserName>" />
<add key="ad-domain-name" value="<DomainName - can be left blank>" />
Next, add the plaintext password for the ad-user specified above. Note that this section can also include a password for connecting to your SMTP email server:
<secureAppSettings>
  <add key="SMTPPassword" value="" />
  <add key="ad-user-pwd" value="<Plaintext_Password>" />
</secureAppSettings>
Save your changes to the web.config file.
Launch IIS Manager.
Expand Sites and select the ZoneFox site.
Under the Manage Website options on the right-hand side, Stop the ZoneFox site, then Start the site.
Check the web.config file contents. The plaintext passwords should now be replaced by encrypted data, in an entry like:
<secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
  <EncryptedData>
    <CipherData>
      <CipherValue>gbjcvFGJdkgruegv/feid78GYbcj78ehc</CipherValue>
    </CipherData>
  </EncryptedData>
</secureAppSettings>
Now when you log in to the ZoneFox GUI and create a new custom rule or add a new user, AD can be searched and will return groups and users.
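One way to script the check in the last step, as an added PowerShell example that is not part of the original article: it reports whether secureAppSettings still holds a readable password or has been replaced by an EncryptedData block. The function name and both sample documents are constructed for illustration, and the code assumes the secureAppSettings element itself carries no XML namespace.

```powershell
# Added example (not from the article): classify the state of <secureAppSettings>.
function Test-SecureAppSettingsEncrypted {
    param([Parameter(Mandatory)][xml]$Config)

    $section = $Config.SelectSingleNode('//secureAppSettings')
    if ($null -eq $section) { return 'missing' }

    # After the site restart the section carries a provider attribute
    # and an EncryptedData child instead of <add> elements.
    $provider  = $section.GetAttribute('configProtectionProvider')
    $encrypted = $section.SelectSingleNode("*[local-name()='EncryptedData']")

    # Any <add> element with a non-empty value is a secret readable on disk.
    $plaintext = @($section.SelectNodes('add') |
        Where-Object { $_.GetAttribute('value') -ne '' })

    if ($plaintext.Count -gt 0)     { return 'plaintext' }
    if ($provider -and $encrypted)  { return 'encrypted' }
    return 'empty'
}

# Constructed sample: the file as saved, before the site is restarted.
$before = @'
<configuration>
  <secureAppSettings>
    <add key="SMTPPassword" value="" />
    <add key="ad-user-pwd" value="CONSTRUCTED-EXAMPLE-PASSWORD" />
  </secureAppSettings>
</configuration>
'@

# Constructed sample: the file after the restart, with the section encrypted.
$after = @'
<configuration>
  <secureAppSettings configProtectionProvider="DataProtectionConfigurationProvider">
    <EncryptedData><CipherData><CipherValue>CONSTRUCTED</CipherValue></CipherData></EncryptedData>
  </secureAppSettings>
</configuration>
'@

Test-SecureAppSettingsEncrypted -Config ([xml]$before)
Test-SecureAppSettingsEncrypted -Config ([xml]$after)

# Against the real file (path as given in the article):
# Test-SecureAppSettingsEncrypted -Config ([xml](Get-Content -Raw $pathToWebConfig))
```

A result of 'plaintext' after the Stop/Start step means the password is still readable on disk and the restart should be repeated before the file is left in place.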
Copyright 2024 Fortinet, Inc. All Rights Reserved.