Create a Directory Query

You can create an Active Directory or LDAP query to retrieve information from Active Directory or LDAP to populate a Smart Rule. To work with directory queries, the BeyondInsight user must be a member of the Administrators group or assigned the Asset Management permission.

Create a new directory query or clone an existing query as follows:

  1. In the BeyondInsight Console, navigate to Configuration > Role Based Access > Directory Queries.
  1. Click Create New Directory Query + or click the vertical ellipsis for an existing query and select Clone.
  2. Select Active Directory or LDAP from the Directory Type list.

Cloned queries keep the same directory type as the query being cloned.

  1. Enter a name for the query in the Title field.
  2. Select a stored credential for running this query or click Create New Credential to be taken to the Directory Credentials page where you can add a new one.

At minimum, the credential must have Read permissions on the computer assets you are enumerating.

  1. Enter the directory path for the Query Target, or click Browse to search for a path and add it.
  2. Select a scope to apply to the container: This Object and All Child Objects or Immediate Children Only.
  3. Select an object type: Computer Objects or User Objects.
  4. Enter the directory path for the Query Target, or click Browse to search for a path and add it.
  5. Select a scope to apply to the container: This Object and All Child Objects or Immediate Children Only.
  6. Select an object type: Computer Objects or User Objects.
  7. Enable or disable the Dynamically refresh results each use option.
  8. Provide a Name and Description or use the * wild card character to match multiple values for the Basic Filter.
  9. Optionally, click Advanced Filterto provide an LDAP Query.
  10. Click Test to ensure the query returns expected results.
  11. Click Create Directory Query.

For more information, please see the following: