Adding multiple Active Directory(s) in firepower user agent

SuMyatLwin0903 · ‎09-27-2021

Hi All,

In my customer site, FMC is integrated with Active Directory (AD) to track the connection events with their respective AD usernames.

For this scenario, we used user agent installed on a separate VM and added primary AD and FMC address in this user agent. After setup, usernames in connection event logs can be seen.

For the next requirement, customer want to use multi-AD integration with user agent. If primary AD was down, secondary one should take over the action with user agent. My problem is that secondary AD doesn't work when active one is down and we can't see usernames in connection events even the same configurations in both ADs. AD failover works by itself. I doubt that multi-AD integration is not accepted by firepower user agent.

My customer is currently using ASA-5525X firepower series.

Hope your answers.

Su Myat Lwin

Marvin Rhoads · ‎09-28-2021

A given User Agent can connect to multiple AD instances. Have you run the User Agent troubleshooting tool to investigate the problem?

https://www.cisco.com/c/en/us/td/docs/security/firesight/user-agent/25/config-guide/Firepower-User-Agent-Configuration-Guide-v2-5/ConfigAgent.html#80455

Adding multiple Active Directory(s) in firepower user agent

Re: Cisco ISE with Microsoft Active Directory, Azure AD, and Intune

Firepower 1120 HA active/active

【原创】Firepower 6.3 新特性介绍: Multiple Instance

ISE - Active Directory Identity Source

Install Cisco Firepower User Agent for Active Directory.