Active Directory Login Service

Updated 3 months ago by admin

The AD Login Service is a user identification tool for use with the USS Gateway network proxy. It listens for network logon events (event ID 4624) to the domain and then securely sends the user and device information to one or more gateways in order to automatically identify the user.

System Requirements

Please ensure the Microsoft .NET Framework 4.5 is installed

The following operating systems are supported:

  • Windows Server 2008 R2 (x64)
  • Windows Server 2012 (x64)
  • Windows Server 2012 R2 (x64)

Download Software

Version 1.0.4 - AD Login Service (560 Kb)

Installation

  1. Log on to the Windows server using a user account with local administrator rights.
  2. Run the downloaded ADLoginService.msi file
  1. Click Next and then select the folder to install the AD Login Service into.
  1. Click Next and then click Next again to confirm the installation.
  1. The installation files will begin copying.
  1. After a few moments, the installation will finish.
  1. Click Close to exit the installer.

Configuration

The AD Login Service is installs a configuration tool called AD Login Configuration which can be used to configure the service. Run this tool from the Start menu.

Gateway

It is possible to use multiple USS Gateway devices with the AD Login Service. All gateways must share the same API key and each gateway will receive all events.

To get your API key, go to the Authentication & Identification section of the local USS Gateway interface and:

  • Generate a new key and paste it into the API Key field in the configuration tool, or
  • Copy the existing key and paste it into the API Key field in the configuration tool

Once the API Key is set, add the IP address of each USS Gateway you want to send logon events to.

The Allow self-signed certification option allows the AD Login Service to work with the gateway, which out-of-the-box uses a self-signed certificate.

After adding or making changes to the Gateway list, you must click Save and Restart Service for the changes to take effect.

IP Filtering

It is possible to ignore logon events from specific IP addresses. Add each IP address in IPv4 format, one per line.

After adding or making changes to the IP Filtering list, you must click Save and Restart Service for the changes to take effect.

User Filtering

It is possible to ignore logon events from users by creating regular expressions to match usernames.

Usernames are logged in domain\username format rather than UPN, so the regular expression should follow this pattern

The patterns must be valid regular expressions.

To test the patterns are working, enter the username you want to ignore into the Test text box.

After adding or making changes to the User Filtering list, you must click Save and Restart Service for the changes to take effect.


How did we do?