https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3215527#M1041611 <P>Hi,</P> <P>&nbsp;</P> <P>We couldn't find particular AD server agent IP segment is block, the ACL rules is permit and we can see the traffic go through in FW logging.&nbsp;</P> <P>&nbsp;</P> <P>Based on debug FMC agent, we found error message below, not sure related to our issue currently;</P> <TABLE width="896"> <TBODY> <TR> <TD width="64">10/17/2017 3:59:35 PM</TD> <TD width="64">error</TD> <TD colspan="12" width="768">[2317] - Unable to attach event listener to xxx.xxx.x.167. Check firewall settings on AD Server. The RPC server is unavailable</TD> </TR> </TBODY> </TABLE> Mon, 13 Nov 2017 10:53:24 GMT Looi Siew Key 2017-11-13T10:53:24Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3185305#M1041608 <P>Hi All,</P><P>&nbsp;</P><P>Currently we have an issue that FMC User Agent for AD that couldn't check "Real Time Status" and "Last Real Time status". But AD server still can poll to FMC, and on RDP server .167 FMC user agent can see all 3 AD server is actually in sync and poll time is correct.</P><P>&nbsp;</P><P>Not sure why other 2 server FMC user agent shown server .167 is in unknown state, but other 2 AD server is showing good result.</P><P>&nbsp;</P><P>* All 3 AD server poll with no issue, i believe it is comestic issue.</P><P>&nbsp;</P><P>FMC User Agent version : v2.3 build 10</P> Fri, 21 Feb 2020 14:18:57 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3185305#M1041608 Looi Siew Key 2020-02-21T14:18:57Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3195528#M1041609 <P>Hello there,</P> <P>&nbsp;</P> <P>It could be a communication issue or firewall on the .167 server which is blocking real-time comm from user agent.</P> <P>You can export the logs from user agent after enabling the "debug" option and then search for error or exception in those to get more details.</P> <P>&nbsp;</P> <P>Rate if helps.</P> <P>Yogesh</P> Sun, 08 Oct 2017 08:35:36 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3195528#M1041609 yogdhanu 2017-10-08T08:35:36Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3215527#M1041611 <P>Hi,</P> <P>&nbsp;</P> <P>We couldn't find particular AD server agent IP segment is block, the ACL rules is permit and we can see the traffic go through in FW logging.&nbsp;</P> <P>&nbsp;</P> <P>Based on debug FMC agent, we found error message below, not sure related to our issue currently;</P> <TABLE width="896"> <TBODY> <TR> <TD width="64">10/17/2017 3:59:35 PM</TD> <TD width="64">error</TD> <TD colspan="12" width="768">[2317] - Unable to attach event listener to xxx.xxx.x.167. Check firewall settings on AD Server. The RPC server is unavailable</TD> </TR> </TBODY> </TABLE> Mon, 13 Nov 2017 10:53:24 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3215527#M1041611 Looi Siew Key 2017-11-13T10:53:24Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3228518#M1041613 <P>Hello,</P> <P>&nbsp;</P> <P>You can try to install the agent on the AD itself and use "localhost" as the AD server name/address. This would eliminate the communication issue.</P> <P>&nbsp;</P> <P>Thanks</P> <P>Yogesh</P> Thu, 07 Dec 2017 11:32:11 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3228518#M1041613 yogdhanu 2017-12-07T11:32:11Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3304766#M1041615 <P>Was this resolve?, I have the issue and im running version 6.2.2, also I have a tac case but they havent be able to figure it out yet.</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 02 Jan 2018 12:55:57 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3304766#M1041615 sistematico 2018-01-02T12:55:57Z https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3305871#M1041617 <P>Hi Sistematico,</P> <P>&nbsp;</P> <P>We don't have solution yet on this case. Even generated debug logs but still unable to check where is the issue comes from.&nbsp;</P> <P>&nbsp;</P> <P>We checked on firewall on every side which doesn't block any port for sync.</P> <P>Please let us know if you tac engineer have solution on this. Thanks!</P> Thu, 04 Jan 2018 08:02:29 GMT https://community.cisco.com/t5/network-security/fmc-user-agent-for-ad-ad-server-status-unknown/m-p/3305871#M1041617 Looi Siew Key 2018-01-04T08:02:29Z