
AD Sync Tool - LDAP

Hi all,

I am in the process of looking to migrate from our on-premise Sophos Enterprise (console version 5.5.1) to Sophos Central for Endpoint Protection. As part of this I would like to get a list of existing PCs into Central, and I believe the way to do this would be to install and configure the AD Sync Tool from Sophos. After installing it, it is asking me for LDAP details. I have installed LDAP on one of our domain controllers, but this is as far as I can get. I've never done anything with LDAP before and I don't think we currently use it for anything, so I would appreciate any help with what to do and how to configure it after it has been installed in order to get this working specifically with Sophos Central.

Thanks in advance.



  • The main question is if your computers are controlled by Microsoft's Active Directory - if they are then you are good to go. LDAP is one of the ways used to query AD for its data, which is what the tool does. In essence, you point it at the Domain Controller (or one of them if you have multiple) and tell it what OUs to read from and it populates a list of entries for the machines to migrate.

    If you are using local workgroups, however, you won't be able to do that because you won't have a central repository of knowledge.

    Please clarify if you are using AD or not in your environment.

     

    Here is the article that can help you with this:

    https://community.sophos.com/kb/en-us/122264

     

    RichardP

    Program Manager, Support Readiness | CISSP | Sophos Technical Support

  • Thanks for the reply. Yes, we are using AD in our environment, I have already installed LDAP on one of our domain controllers, but I have no idea how to configure it ready for use with the Sophos AD Sync tool.

    Thanks

  • Hi,

    Here is the article you can refer to for how to install AD Sync and to see what LDAP filters are used to find the users and groups:

     

    https://community.sophos.com/kb/en-us/121854

    SAJ
    Community Support Engineer | Sophos Technical Support
  • Appreciated, thank you, it seems I was overthinking this to be honest, a lot of what I was doing was not needed. Most of the issues I was having were on my end.

    I noticed that the AD Sync tool only allows you to import users but not PCs. Is there a way to import all PCs in our environment into Central? This would be good because it would then allow us to see any PCs that may not have had the endpoint protection installed.

    Thanks.

  • Hi

     

    AD sync is for users and groups.

    Sophos Central AD Sync utility will import the following objects from the Active Directory:

    • Username
    • Login
    • Email address
    • Groups and the members of each group

    Note: Only groups with more than one member will be created.

     

    Whenever an endpoint agent is installed on a computer it will automatically get added to the Sophos Central dashboard. There is no option to bring all the endpoints on the network to the Central dashboard. You can send a setup email link to install it on every user's endpoints via the Sophos Central dashboard.

    SAJ
    Community Support Engineer | Sophos Technical Support
  • Thank you for this. 

    Our environment is an enterprise environment. We are currently running Sophos Enterprise (Console version 5.5.1) and it is all on premise.

    Finally, I am looking for the best way to migrate all these PCs from the on premise enterprise version of Sophos endpoint, over to the endpoint on Central.

    Any advice on this is appreciated. I looked at some of the KBs but they either seem to not work or to be outdated.

  • Hi David, 

    For Enterprise Console to Central migration, we do have a Migration Tool that can be used.

    Please review the following Portal with links to general information, documentation, and downloads. 

    Please let us know if you have any further questions. 

    Regards, 

    RodS

    Technical Support Engineer | Sophos Support