Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
129
Views
0
Helpful
1
Replies

Umbrella DC and AD connector issue

Go to solution
Amr Ali Mohamed
Level 1
Level 1

‎07-27-2024 11:19 AM

Dears,

one of our customers has a lot of DC at each site and just one active directory, is that required to create AD connector also at each site and assign it to a specific site with the DC on this site as the below screenshot the status is down for the DC and after I assign the AD connector with the two DC controller to be at the same site they work and the status changed to run 

AmrAliMohamed_0-1722104087489.png

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ccieexpert
Level 3
Level 3

‎07-27-2024 03:54 PM

Umbrella sites are different from regular "sites".

Within one umbrella site/ AD domain, you can only have a max of 2 AD connectors.. it is only provide really user to ip mapping, and user/group/computer info..

https://support.umbrella.com/hc/en-us/articles/360025825871-Guide-to-Active-Directory-Connector-Performance

One Connector is required for each Umbrella site.  Having multiple Connectors in an Umbrella site is possible, but is only required for redundancy purposes. Having additional Connectors places extra load on the Domain Controllers as they are duplicating the same function as the first Connector.  We recommend a maximum of 2 Connectors for each Umbrella site.

 

if you have your own internet connection at each satellite site/office, then you can have a umbrella VA their to process dns traffic incase the connection to HQ fails.

your issue with the ad connector may be connectivity or something like to poll all DCs. make sure you run the configuration script on each DC.

the logs may indicate the problem:

https://support.umbrella.com/hc/en-us/articles/230902468-Providing-support-with-AD-connector-logs

Hope that helps

**please rate as helpful if this is useful**

View solution in original post

0 Helpful
1 Reply 1

Go to solution
ccieexpert
Level 3
Level 3

‎07-27-2024 03:54 PM

Umbrella sites are different from regular "sites".

Within one umbrella site/ AD domain, you can only have a max of 2 AD connectors.. it is only provide really user to ip mapping, and user/group/computer info..

https://support.umbrella.com/hc/en-us/articles/360025825871-Guide-to-Active-Directory-Connector-Performance

One Connector is required for each Umbrella site.  Having multiple Connectors in an Umbrella site is possible, but is only required for redundancy purposes. Having additional Connectors places extra load on the Domain Controllers as they are duplicating the same function as the first Connector.  We recommend a maximum of 2 Connectors for each Umbrella site.

 

if you have your own internet connection at each satellite site/office, then you can have a umbrella VA their to process dns traffic incase the connection to HQ fails.

your issue with the ad connector may be connectivity or something like to poll all DCs. make sure you run the configuration script on each DC.

the logs may indicate the problem:

https://support.umbrella.com/hc/en-us/articles/230902468-Providing-support-with-AD-connector-logs

Hope that helps

**please rate as helpful if this is useful**

0 Helpful
Customers Also Viewed These Support Documents