At a high level what is the process for RSA NetWitness to integrate at the command line with Active Directory? We have the web UI configured for this but the command line (ssh) itself is a bit of a stretch and it seems there are several routes you can take to accomplishing this task.
In the end my goal is to disable root logins to all my appliances via SSH and have all the users login to each system using their AD credentials.
We have a requirement to maintain traceability back to the individual user. We'll then enable sudo, setup auditd/sudo logging and go from there.
However it seems after reviewing the following document I have two choices.
1. Add all the appliances to AD as computer objects, join them to the domain (with DA account) and install additional packages and enable SMB/CIFS ports to/from the AD servers.
2. Native LDAP queries via nss, openldap and pam. *Requires uidNumber and gidNumber attributes for AD user/group objects.
I'm looking to limit as much as possible on my internal AD groups as this will end up being a 3 month process internally.
Anybody completed this and have an idea of the obstacles/hurdles you've run into?