User Guide
1-14
Cisco Advanced Web Security Reporting Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Set Up Department Membership Query (Optional)
Set Up Department Membership Query (Optional)
Perform the set-up procedure for department membership requirements under these conditions:
• You will use AD/LDAP groups bound to roles in the Advanced Web Security Reporting application.
• You will run reports on data that are based on organizational roles.
Related Topics
• Restrict Access to Department Reports by Role, page 1-15
Set Up Department Membership Reporting
Before You Begin
• Linux users: Install ldapsearch tool using the following command:
sudo yum install openldap-clients
Step 1 Identify the AD/LDAP Group Base DNs in the Membership Script:
a. Open the appropriate membership script in a text editor:
–
Linux: <install_home>/etc/apps/cisco_wsa_reporting/bin/discovery.py
–
Windows: X:\<install_home>\etc\apps\cisco_wsa_reporting\bin\discovery.vbs
b. Edit the first four fields at the top of the header:
strComputer = 'ad_ldap_host'
strUser = 'cn=service_account,cn=Users,dc=my_directory,dc=net'
strPassword = 'service_account_password'
strGroupOUs = 'Group base DN;Group base DN;Group base DN'
c. Save the file.
Step 2 Enable use of the membership script by the inputs.conf script:
a. Open the inputs.conf script in a text editor:
<install_home>/etc/apps/cisco_wsa_reporting/local/inputs.conf
b. Search for the appropriate string:
–
# membership script Windows
–
# membership script Linux
c. Set disabled to false: disabled = false
Step 3 Restart Advanced Web Security Reporting.
Step 4 Verify that the script populated departments.csv with the user data:
<install_home>/etc/apps/CiscoWSA/lookups/departments.csv