Import the predefined Active Directory accelerator security rules into the Management Console.
Select the Management Console tree root node and click Tree > Security Rule Set.
The Add Rule Set window opens.
Enter "LDAP Rule Set" as the rule set name and click OK.
The LDAP Rule Set node appears in the Management Console tree.
Select the LDAP Rule Set rule set and click Tree > Security Rule Set.
The Rule Editor opens.
In the Rule Editor, click Action > Import.
The Import window opens.
Navigate to the following directory:
<Dynamic Data Masking installation>\Accelerators\ActiveDirectory\rules
Select the LDAPRuleSet.xml file and click Import.
The MatchTables rule folder appears in the Rule Editor.
Expand the MatchTables rule folder to view the LDAPActualUser rule and the BlackList and WhiteList rule folders.
Expand the BlackList folder to view the BlackList rules.
Select the MaskIfLDAPMatch rule and click Action > Edit.
The Edit Rule window opens.
In the class path field of the rule matcher, enter the file path to LDAP.jar.
You can find LDAP.jar in the following location:
<Dynamic Data Masking installation>\Accelerators\ActiveDirectory\lib\LDAP.jar
You must enter the correct class path even if you disable the MaskIfLDAPMatch rule. The Rule Engine reads every rule in the rule set and returns an error if the class path is incorrect.
Click OK.
The Rule Editor closes.
Expand the WhiteList folder to view the WhiteList rules.
Select the StopIfLDAPMatch rule and click Action > Edit.
The Edit Rule window opens.
In the class path field of the rule matcher, enter the file path to the LDAP.jar file.
You can find the LDAP.jar file in the following location:
<Dynamic Data Masking installation>\Accelerators\ActiveDirectory\lib\LDAP.jar
You must enter the correct class path even if you disable the StopIfLDAPMatch rule. The Rule Engine reads every rule in the rule set and returns an error if the class path is incorrect.
Click OK.
The Rule Editor closes.
Define tables with sensitive information in the MatchTables rule folder.
Define LDAP users in the LDAPActualUser rule or disable the rule to mask data based on user groups or attributes you define in the BlackList and WhiteList rules.
Define BlackList and WhiteList groups or attributes in the