Implementation Guide
March, 2011
Subject to the terms and conditions set forth herein and in the License Agreement, NetWitness
Corporation hereby grants to Licensee a nontransferable, nonexclusive, limited license to use the
NetWitness Corporation computer software products, together with all documentation and other
materials accompanying such product(s) (together, the Software).
NetWitness Corporation | 500 Grove Street, Suite 300 | Herndon, VA 20170
If the appliance is connected to the internet then enter the following to download the openldap-
client package:
1. SSH into the device and run the following command from the command prompt:
If the appliance is NOT connected to the internet then you can download the openldap-client
package from the solution and copy it to the appliance. Once it has been copied onto the
appliance then perform the following to install the package:
1. SSH into the device, change directory to the location of the package, and run the
following command from the command prompt:
rpm -i openldap-clients-2.4.10-2.fc9.x86_64.rpm
URI ldap://ldapserver.ldapnet.local/
BASE dc=ldapnet,dc=local
URI ldaps://ldapserver.ldapnet.local/
BASE dc=ldapnet,dc=local
tls_cacertfile /etc/openldap/cacerts/server.pem
tls_cacertdir /etc/openldap/cacerts
Note: server.pem refers to the certificate (public key) of the LDAPS server which you
may need to acquire from the LDAPS server administrator so that the appliance will
recognize and accept the certificate of the LDAPS server.
##
## LDAP authentication
##
2. Click on the Files icon in the top right hand corner of the details pane.
##
## LDAP authentication
##
auth sufficient pam_unix.so nullok
auth sufficient pam_ldap.so use_first_pass
auth required pam_deny.so
3. Select the appropriate appliance from the Services column and hit the green + icon in
the users column.
6. Finally, select the group(s) that you want the user to be a part of and click OK.
or
or
3. Now the added Appliance should be listed in the Navigation Pane. Double click on the
appliance to connect.