AD Reporting. How it works
The Active Directory reporting feature requires our InfraSOS AD Agent on a Windows server on your network to retrieve report data. This agent is a crucial component that facilitates the secure and efficient transfer of data between your Active Directory domain controller and the InfraSOS cloud service. For detailed instructions on installing the agent, refer to the "Agent Installation" guide, which provides comprehensive step-by-step procedures and tips to ensure a successful setup.
What is an AD Agent
The AD Agent is a specialized piece of software designed for installation on a Windows server. Its purpose is to retrieve data from the Active Directory Domain Controllers and deliver it to the InfraSOS service to retrieve reports.
The AD Agent installs as a Windows service and operates in the background. The service is named "InfraSOSAgent". Below is an example of how it appears in Windows Services:
The default root folder for Agent installation is: C:\Program Files\InfraSOS FZCO\Agent Service
To communicate with domain controllers AD Agent uses LDAP protocol (389 port)
After installation, the Agent will establish a WSS (WebSocket Secure connection) with our cloud service to retrieve data.
WSS (WebSocket Secure connection) - is an extension of the WebSocket protocol that provides a secure communication channel over the Internet. It uses Transport Layer Security (TLS) to encrypt data exchanged between the client and the server, ensuring that it is protected from eavesdropping and tampering. WSS supports authentication using certificates, allowing both parties to verify each other's identity before establishing a connection. This secure channel helps protect against various attacks, such as man-in-the-middle attacks and ensures compliance with security standards and regulations. Overall, WSS provides a secure and reliable communication channel for real-time web applications.
During the establishment of the WSS connection, the Agent provides a special certificate to the cloud service for agent identification. A certificate is generated when the user onboards a new agent in the InfraSOS portal. After onboarding, you need to download the certificate from the portal and move it to the main directory of an Agent. For more detailed information about onboarding a new AD Agent, please refer to the "Onboarding a new AD Agent" guide.
Below you can see a full diagram of agent communication flow:
Retrieving report data using AD Agent
When a user initiates loading a report via the portal, a detailed sequence of events is triggered to facilitate this operation. Initially, the user interacts with the InfraSOS Web Application to start the data retrieval process. Upon receiving the user's command, the InfraSOS Web Application forwards a request to the InfraSOS Cloud Service, signaling the start of the data retrieval operation.
Next, the InfraSOS Cloud Service sends a specific instruction to a designated agent to start collecting data. When the agent receives this instruction, it begins a new task tailored to handle the request efficiently. This task involves gathering the data as outlined in the user's initial request.
After the agent has successfully collected the necessary data, it sends it back to the InfraSOS Cloud Service. Once the cloud service receives the data, it processes it and then sends it to the InfraSOS Web Application. Finally, the InfraSOS Web Application gets the processed data and shows it to the user, completing the process of loading the report.
Below you can see a full diagram of the report data retrieving flow: