Mapping Users and Host Name with IP Address using Active Directory

    NetFlow Analyzer by default displays the IP addresses of the Source and Destination that participate in the conversation in a network. In addition to this, an option to associate the IP addresses to Users or Host Name/ MAC address in the NetFlow Analyzer reports. The user name to IP address can be mapped using Active Directory or manually.

    If the IP address is not mapped to any user then "only the IP address" will be shown in the reports. Only after the user name is configured and the data gets collected, "user name(s)" will be in displayed reports. Carry out the procedure given below to configure the User Name - IP Address Mapping:

    • In the NetFlow Analyzer web client, navigate to Settings>NetFlow > User Name-IP Mapping.
    • The User Name - IP Mapping page provides two options. Select an option as per your requirement. The options are:
    1. Active Directory
    2. Manual Mapping
    3. DHCP

    Click the Active Directory tab available on top
    To get User Names from Active Directory and show it in NetFlow reports The details of the columns of the table are:

    Active Directory Details Description
    Server Name The names of the Active Directory servers from which the NetFlow Analyzer will associate user name with the IP address. In this case, all the Active Directory servers added to the NetFlow Analyzer will be listed.
    Assigned Devices The NetFlow devices assigned to that particular Active Directory server.
    Result The result imported from the Active Directory.
    Status The current status of the Active Directory's server connection with NetFlow Analyzer.
    Action To delete or edit the AD server details click on the respective icon here.
    View List To view the username and IP mapping details got from AD server.

    To enable, disable the AD server, select the required AD servers and click theEnable/Disable button
    To add a new AD server, click Add new link on the right side. and fill in the details

    Active Directory - ManageEngine Netflow Anlayzer

    • You can add new domains using Add new link.
    • Enter the Domain Name, User Name, and a Custom name for the Primary Domain Controller.
    • Enter the password of the Primary Domain Controller, and the names of the users to be excluded from the list

    Note: To assign devices,

    Select the devices, which you want to assign/re-assign to the selected AD server. All the available devices are listed in the Available Device(s) list. Select the devices and click right arrow. The selected devices are moved to the Selected Device(s) list. If you want to remove any device from the Selected Device(s) list, select the devices and click the left arrow. The removed devices will be moved back to the Available Device(s) list.

    • Click on the Save button to assign the selected devices to the selected AD server. Click Cancel to cancel the assigning of devices to the AD server.
    • After associating the devices with the AD server, the AD server and the assigned devices are listed in all the reports and also the interfaces menu.
    • Click the "View List" icon to view the list of IP addresses and Users mapped with the AD server.

    Manual Mapping

    The second tab in the User Name - IP Mapping page provides a provision of manually mapping the user name with IP address. You can create the mapping file in two formats: .txt and .csv

    The mapping format for

    • .csv file is <IP address,user name>.

    Sample:

    192.168.222.74,user1
    192.168.222.75,user2
    192.168.222.76,user3
    192.168.222.77,user4

    • .txt file is <IP address=user name>, and

    Sample:

    192.168.222.74=user1
    192.168.222.75=user2
    192.168.222.76=user3
    192.168.222.77=user4

    You can create the mapping file in any one of the two formats and import it into NetFlow Analyzer.

    Manual Mapping - ManageEngine Netflow Anlayzer

    Below the Enable/Disable option, a table with the mapping profiles and the devices assigned to it, appears on the screen. The details of the columns of the table are as follows.

    Manual Mapping Details Description
    Mapping Profile Name The names of the mapping profiles from which the NetFlow Analyzer will associate Host Name/MAC Address with the IP address. Click the profile name to view the devices assigned and modify the devices assigned.
    Assigned Devices The NetFlow devices assigned to the particular mapping profile.
    Actions Click the Clear Devices icon to clear the assigned devices. Edit the mapping profile to configure devices or import options by clicking the Edit icon. Delete the mapping profile by clicking the Delete icon.
    View List To view the username and IP mapping details imported into the current mapping profile.

    To add a new manual mapping profile, click on the Import link on the right side of the UI.

    • Enter the name of the mapping profile
    • To import the mapping file from the local host, click the Browse button in the file location field.

    Manual Mapping - ManageEngine Netflow Anlayzer

    • Select the file from the local machine (client machine) and click Open.
    • The mapping file in .txt or .csv will be imported.
    • To import the mapping file from the remote host, enter the host name or IP address of the remote machine, credentials (user name and password), port, protocol, time interval in minutes and time to start IN hours and minutes for scheduled import.

    Manual Mapping - ManageEngine Netflow Anlayzer

    • Click the Browse button in the file location field.
    • Select the file from the remote machine and click Open.
    • The mapping file in .txt or .csv will be imported.
    • If the name of the file to be imported changes dynamically, select the Change file name dynamically option

    Assign devices to the mapping profile

    • Select the devices, which you want to assign/re-assign to the selected profile. All the available devices are listed in the Available Device(s) list. Select the devices and click right arrow. The selected devices are moved to the Selected Device(s) list. If you want to remove any device from the Selected Device(s) list, select the devices and click the left arrow. The removed devices will be moved back to the Available Device(s) list.
    • Click the Save button to assign the selected devices to the selected profile. Click Cancel to cancel the assigned devices to the profile operation.

    After associating the devices to mapping profile, the profile and the assigned devices are listed in the table.

    Click the View List icon to view the list of all IP addresses and Users mapped with Manual mapping profile.

    DHCP

    The DHCP option helps map the Host Name/MAC Address using IP Address in all reports. Source & Destination IP Address of configured devices will be replaced by Host Name/MAC Address from the DHCP Servers.

    To add DHCP server, navigate to the DHCP tab under Settings > NetFlow > IP Mapping.
    Click on Import.
    Enter the Profile Name, select the Host Type.
    Import the file from your device.
    Assign devices to the DHCP server and Save the settings.

    The details of the columns of the table are given below:

    DHCP Server Details Description
    Server Name The names of the DHCP servers from which the NetFlow Analyzer will associate Host Name/MAC Address with the IP address. In this case, all the DHCP servers added to the NetFlow Analyzer will be listed.
    Assigned Devices The NetFlow devices assigned to that particular DHCP server.
    Result The result imported from the DHCP server.
    Status The current status of the DHCP logs.
    Imported Time The time when the DHCP server details were imported.
    Schedule Details The details of any scheduled imports or imports in progress.
    Action To delete or edit or clear the DHCP server details click on the respective icon .
    Clear Devices Clear the devices assigned to the DHCP server for IP Mapping.
    Delete Delete or remove the DHCP server for IP Mapping.
    View List To view the username and ip mapping details got from DHCP server.

    To edit or update the DHCP server details,

    • Click the Assign/Edit Devices icon to assign devices to the DHCP server. The Assign Devices screen pops up.
    • Select the devices, which you want to assign/re-assign to the selected DHCP server. All the available devices are listed in the Available Device(s) list. Select the devices and click right arrow. The selected devices are moved to the Selected Device(s) list. If you want to remove any device from the Selected Device(s) list, select the devices and click left arrow. The removed devices will be moved back to the Available Device(s) list. After associating the devices to DHCP server and the assigned devices are listed in the table.
    • Click Save button to assign the selected devices to the selected DHCP server. Click Cancel to cancel the assigning devices to the DHCP server operation.
    • Click Save button in the IP Mapping configuration page to save the settings again.

    Note:

    • A device can be added to only one DHCP server. It will not be displayed while creating new DHCP servers. The device can be reassigned to another server only after deleting it from the existing server.
    • User-IP Mapping can be prioritized in the System_properties.conf file in the following format:
      USER_IP_RESOLVE_PRIORITY=Manual,AD,DHCP

     

    For any queries, please contact our support team or email us at netflowanalyzer-support@manageengine.com