Child domain

Dear Expert,

 

I need help, as this seems like a design issue. I am an end user of Cisco Firepower version 6.2. My AD forest consists of parent AD xxx.com and child AD yyy.com. The majority of users and groups are created at xxx.com, but we do have a small number of users residing at yyy.com.

 

We set up the user agent on 1 domain-joined PC to capture all the DC logs residing at xxx.com, and another PC to capture logs from the yyy.com DC. 2 realms were set up, one for each domain, and we have both realms set up in the identity policy. Passive authentication for the xxx.com domain works well. However, yyy.com is out of luck.

 

At FireSIGHT, we are able to see the domain yyy.com records at "active user", which consist of the latest username with correct IP mapping in passive authentication type. However, in the connection report, their identity is "unknown". Hence we are not able to configure user-based ACLs to control who can access Facebook and YouTube.

 

We are currently controlling yyy.com by IP address; however, we need a much better solution. From surfing the net, it seems like FireSIGHT doesn't support passive authentication in a parent-child AD domain. Hence a workaround solution is sought if this is the case.

 

Hope to gain good advice to resolve the case. I was thinking of creating a security group at xxx.com that consists of users of yyy.com, but I am not sure if it will work.

 

Thanks
