06-30-2022 12:00 PM
I have only one operational DC from where user Agent are getting userid/ip mapping info. Even though there are 1 other DC added at User agent but other 1 are part of Test Site.
How to confirm which dc actually providing user id and ip mapping to the user agent.
Refer to below doc and based on my current scenario, if technically user agent connecting to one dc which is not listed in user agent while knowing DC's do not share the security events ?
Cisco reference quote
If your Active Directory system has multiple domain controllers, enter the host name or IP address of the domain controller with which you want the user agent to communicate. (Active Directory domain controllers don’t share their security logs so you must have a separate user agent connection to each controller.) In a distributed or heavily trafficked system, you can optionally install more than one user agent as discussed in Deploy Multiple User Agents.**
Solved! Go to Solution.
07-04-2022 05:26 AM
ok did that.
06-30-2022 03:46 PM
This appears to be more of a Firepower question than one related to ISE/NAC. I would suggest moving/posting your question to the Network Security community section.
07-04-2022 05:26 AM
ok did that.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: