Professional Documents
Culture Documents
BOOST PRODUCTIVITY
REDUCE LIABILITIES
WEBTITAN CLOUD
User Identification Guide
www.webtitan.com info@webtitan.com
Overview
The Active Directory user identification integration consists of two components that
must be installed on your network:
www.webtitan.com info@webtitan.com
Workflow
www.webtitan.com info@webtitan.com
Prerequisites
Before you install the WebTitan Cloud AD components, you will need to meet following
requirements:
VMware ESXi 4.1 or newer (alternatively may be installed on bare metal).
Minimum requirements for the DNS Proxy appliance are 1 CPU core, 512MB RAM,
6GB disk space.
5
2. Keyboard Layout
The Keymap Selection screen will be displayed, allowing you to select the keyboard
layout that most closely represents the mapping of the keyboard attached to the
system. If unsure, then use the default keymap or choose United States of America
ISO-8859-1.
3. Setting the hostname
The installer will prompt for the hostname to be given to the newly installed
appliance. The hostname should be a fully-qualified hostname.
www.webtitan.com info@webtitan.com
6
4. Confirmation to proceed
WebTitan DNS Proxy will automatically partition the disk. Choose <Commit> to
proceed and partition the disk. This is the last chance for aborting installation to
prevent changes to the hard drive.
After verifying the integrity of the distribution files to ensure that they have not been
misread from the installation media, the installer will extract the distributed files to disk.
6. Configuring the Network Interface
7
A list of all network interfaces found on the computer is shown next. Select one to be
configured.
The application must be configured with a static IP address and does not provide
the option to configure the interface using DHCP. Static configuration of the network
interface requires some IPv4 information:
IP Address: The manually assigned IPv4 address to be assigned to this computer.
This address must be unique and not already in use elsewhere on the local network.
Subnet Mask: The subnet mask used for the local network. Typically, this is
255.255.255.0.
Default Router: The IP address of the default router/gateway on this network.
7. Configuring DNS
The Domain Name System (DNS) resolver converts hostnames to and from network
addresses. Enter the local networks domain name in the Search field. DNS #1 and
DNS #2 addresses for the local DNS servers. At least one DNS server is required.
www.webtitan.com info@webtitan.com
8
8. Setting the Time Zone
Setting the time zone for your application will allow it to automatically correct for
any regional time changes and perform other time zone related functions properly.
Select <Yes> or <No> according to how the machines clock is configured. If you
dont know whether the system uses UTC or local time, select <No> to choose the
local region and country.
9. Install Packages
www.webtitan.com info@webtitan.com
9
The installer will then proceed with installation of packages and perform some
further installation tasks.
After everything has been installed and configured, the installer will prompt to
reboot into the new appliance. Select <Reboot> to reboot the computer and start
the new WebTitan DNS Proxy application. Dont forget to remove the installation
media, or the computer may boot from it again.
10. Completing the installation
After the application has rebooted, use the displayed URL to connect your browser
to the WebTitan DNS Proxy web-based user interface. The user interface will allow
you to complete the configuration of you WebTitan DNS Proxy application setup.
Administrator: admin
Password: hiadmin
Note: If your internet browser does not connect to the application, it is likely
because the network settings are misconfigured. You can fix the configuration by
logging into the console.
www.webtitan.com info@webtitan.com
10
Active Directory
In order for WebTitan Cloud to report on users, you must first import all your users
from your active directory server. These are then securely uploaded to WebTitan Cloud,
and in return unique identifiers will be returned for each user. Subsequently, when the
DNS proxy receives DNS requests, if it has a username -> IP mapping (from WebTitan
Active Directory Agent) for the source address of the DNS request, then these unique
identifiers will be used to form the metadata which is attached to the query that is
forwarded to WebTitan Cloud.
Navigate to the Active Directory tab under the Configuration section to add an
Active Directory Domain. Click Add and input your Active Directory Server
details and save.
In order to be able to synchronize users with WebTitan Cloud, you must specify your
WebTitan Cloud Credentials.
www.webtitan.com info@webtitan.com
11
WADA Installation
As Admin, launch an elevated command prompt and run WADA.msi with administrator
privileges and follow the steps in installation wizard.
You will be prompted to provide your WebTitan DNS Proxy hostname or IP address and
port number.
www.webtitan.com info@webtitan.com
12
Next you will be prompted to enter username and password for WebTitan AD Agent.
This user must be a member of the Event Log Readers group and Distributed COM users
group.
WebTitanServers is the only required parameter and may contain a list of URLs
separated with , that will receive IP/users list in HTTP POST requests.
www.webtitan.com info@webtitan.com
13
Other parameters are optional but maybe useful for debugging or customizing specific
needs:
DiscoveryThreads (default 10) - number of child threads used in the WMI discovery
process, each thread connects to a computer using WMI and it is done in parallel to
speed-up the initial discovery process.
DiscoveryIntMin (30) - number of minutes between discoveries (LDAP queries that
read list of available computers and then WMI checks).
LastLogonDays (365) - max number of days of the last logon to a machine so it is
checked against existing sessions with WMI, it is based on lastLogon LDAP attribute,
computers with higher number of idle days will be omitted.
TTLMin (60) - number of minutes after which an IP/user pair is removed from the
map if the active login session wasnt found on given IP during this period (either
using WMI checks, events from Event Logger or Network sessions enumerator).
EnumSessIntS (10) - number of seconds between enumerating Network Sessions,
note that Windows XP sessions are showing only for about 15 seconds, so dont
change this setting to a higher value or you may lose some information about active
logon sessions.
WMICheckIntS (60) - number of seconds between single WMI check on a specific
computer, this is to avoid flooding of Windows computers, so we dont hit them too
often.
WMIMaxCheckRetry (10) - number of retries when a WMI query to a specific
computer is failing, if after this number of retries it is still failing an error is logged
to a file waderror.log and the computer is not checked for active sessions with WMI
unless there is some activity from other sources (Event Logger or Network Sessions).
DC - name of the remote domain controller, may be used to run WADA on a different
computer on the network then the Domain Controller itself.
LogMinLevel Debug level. 0 = Full debugging
www.webtitan.com info@webtitan.com
14
If you have any questions or would like some assistance with set up,
one of our engineers will be happy to help.
Please contact us by email at helpdesk@webtitan.com or
Tel : +1 813 501 3610 (US) , +44 2037341040 (UK) or
+353 91 545555 (IRL).
www.webtitan.cominfo@webtitan.com