Active Directory / Domain Controller
Yes. BLACKbox can be integrated to authenticate through Active Directory. It is required to create users manually in BLACKbox exactly as they are in the Active Directory. After doing so, if the user’s system is in the domain, it will authenticate through Active Directory.
For applying or changing the device hardening policy on the user’s windows desktop/laptop that is in a domain environment, the following procedure should be followed:
- The user should be temporarily moved to the domain admin.
- After the hardening policy is applied or changed, the user should be removed from the domain admin group.
Note: If there are any device hardening policies applied in AD, they will supersede BLACKbox device hardening policies.
BLACKbox can harden the device even in a workgroup environment (without a domain environment) and achieve state of the art enterprise IT environment.
If Active Directory is not used and users are created in BLACKbox and allocated to windows clients by installing BLACKbox agent, device hardening and enterprise policies can be applied, and high licensing costs on server license and Client Access License(CALs) can be saved.
No, BLACKbox users will not sync with those in the Active Directory. It is required to create users manually in BLACKbox, same as they are in Active Directory. After doing so, if the user’s system is in the domain, it will authenticate through Active Directory.
BLACKbox works in a workgroup environment with an agent deployed on each windows desktop/laptop for device hardening. Although BLACKbox does not work on the concept of a domain, it does work very well in the domain environment.