# Active Directory ## Connection Requirements {% stepper %} {% step %} ### IP Address or Hostname Provide either the IP address or hostname of the Active Directory host. This is the server to which the connection will be established. {% endstep %} {% step %} ### Port Specify the port number to use for the connection. This is optional; if no port is provided, the default `389` (used for LDAP) will be used. {% endstep %} {% step %} ### Username Enter the username that will be used by the OctoXLabs CSAM PLATFORM to fetch data from Active Directory. Make sure this account has the necessary permissions. {% hint style="info" %} **"read-only"**\ The provided user account must have rights on the Active Directory in order to read device data without making changes. {% endhint %} {% endstep %} {% step %} ### Password Enter the password for the username specified above. {% endstep %} {% step %} ### Domain Enter your organization’s fully qualified domain name (FQDN). This should be the domain where the Active Directory is located and will be used for authentication. Example: if your FQDN is `octoxlabs.local.com`, the domain name could be `OCTOXLABS` when using only the domain name for authentication. {% endstep %} {% step %} ### Certificate File Upload the Certificate Authority (CA) Root certificate here. This field is optional, but it is required if you plan to establish a secure LDAPS (LDAP over SSL) connection. {% hint style="info" %} **Note**\ You can export the Certificate Authority (CA) Root certificate by following this guide . {% endhint %} {% endstep %} {% step %} ### Timeout Define the maximum duration, in seconds, before the connection is automatically closed if there is no response. This field is optional and defaults to `30` seconds. Adjust this value if your network or server configuration requires a longer timeout period. {% endstep %} {% step %} ### Use Only Domain Name for Authentication Choose whether to use only the domain name (without the full FQDN) for LDAP authentication. For example, if your FQDN is `octoxlabs.local.com`, you would use `OCTOXLABS` as the domain name. {% endstep %} {% step %} ### Use Simple Authentication NTLM authentication is used by default. If you prefer to use Simple authentication (for LDAP configurations that do not support NTLM), you may enable this option. {% endstep %} {% step %} ### SSL Select whether to use SSL for a secure connection. This is optional; if not specified, the connection will default to unencrypted. {% endstep %} {% step %} ### Fetch Users Choose whether to retrieve user information from the Active Directory domain. This is an optional setting and is enabled by default. {% endstep %} {% endstepper %} {% hint style="info" %} Ensure the following ports are open for communication between the OctoXLabs Asset host and the Active Directory host: * TCP/UDP port `389` for LDAP connections. * TCP/UDP port `636` for LDAPS connections. {% endhint %} {% hint style="warning" %} **Attention**\ Please perform a **connection test** to ensure there is a valid connection to the host.\ When the discovery operation is finalized, you will be able to see the details on the **Assets** page. {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.octoxlabs.com/adapters/adapters/active-directory.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.