User directory entries

Use the Main > Policy Management > Resources > User Directory Entries page in the Data Security module of the Forcepoint Security Manager to view a list of users, groups, and computers that imported from a user directory such as Microsoft Active Directory or IBM Domino. CSV files are also supported.

Note: Because the page shows the results of a user directory import, administrators can view the list but cannot make changes.

These users, groups, and computers are possible sources or destinations of sensitive information within the organization.

Each entry shows the name of the user or group, the type of entry (user or group), the name of the directory server from which the entries were imported, and the distinguished name (DN) of the entry. (A DN is the name that uniquely identifies the entry in the directory. It is made up of attribute=value pairs, separated by commas.)

If there are too many users and groups to display on 1 page, use the Search for field to filter the display to just users and groups that meet certain criteria. You can filter user directory entry resources by entering free text, or enter an asterisk (*) to search all.

  • Use the from type field to select the type of entry to search for: All, Computer, Group, User, or OU.
    • For users, the system searches the Name, Login Name, Email, and DN fields.
    • For groups, it searches the Name, Email, and DN fields.
    • For other types of entries, it searches only the Name and DN.
  • Use the in field to select the specific directory server to search, or all servers.
  • Click Apply to apply the filter.

Use the radio controls to page through results.

Click Settings in the toolbar at the top of the content pane to add user directory servers, set the server order, or initiate a directory import. If you are using Risk- Adaptive Protection to determine actions permitted according to the user’s risk level, you can see the Risk Level of each user in the list. A value of 1 to 5 is shown only for users that were assigned to Risk-Adaptive Protection. Level 1 is set for users that are considered less risky for the organization; level 5 is for users that are considered to be most risky. The values are determined by Forcepoint Behavioral Analytics and sent to Forcepoint DLP.