10-25-2010 04:13 AM - edited 03-11-2019 11:59 AM
Hi All,
I had configured AD integration on my CSC module without problem. The agent is installed directly on AD server (Windows 2003 R2 64 Bit)
From User Identification Settings page seems to be all ok.
After this, I had configured a policy for account administrator that block all web traffic. If I try to open a web page from server, the policy work correctly, if I try to open a web page on another client (after logged in as administrator) the policy not work and I can access to all the internet page.
I try to debug the problem and I found this:
when browse internet page from AD server seems to be no problem:
2010-10-25T13:01:16+-200 <4820-3368> Detected user (L********\Administrator) logon from (192.168.0.11)
2010-10-25T12:46:02+-200 <4820-6584> Query Id for (192.168.0.11) and found user (L********\Administrator) in group (L*******\Administrators) for TTL (540)
when browse internet page from a client:
2010-10-25T12:40:37+-200 <4820-5780> Detected user (L*********\Administrator) logon from (192.168.0.133)
2010-10-25T12:44:05+-200 <4820-6848> Query Id for (192.168.0.133) but not found
Could anyone help me?
Regards
Danilo
10-25-2010 08:13 AM
What CSC version are you running?
What computers have the issue? Are the users Widnows 7, Vista, XP?
PK
10-25-2010 09:00 AM
The CSC version is the latest release (6.3.1172.3)
The computer client are XP.
10-25-2010 09:42 AM
OK, we haven't seen similar issues with XP and 6.3.1172.3.
Please check the following:
1. The machine should be part of the windows domain
2. File Sharing should be enabled on the client machine
3. "Remote Registry" Service should be enabled (by default it is not enabled in Vista)
4. On the windows firewall, select "Windows Management Instrumentation (WMI)" as an exception program to allow in bound WMI calls. Also, make sure the "File and Printer Sharing" is part of the exception list.
Port 445 enabled
If the issue persists open a case with TAC.
I hope it helps.
PK
10-25-2010 09:48 AM
1) The machine is part of windows domain;
2) What do you mean with "file sharing"?
3) In the client machine?
4) The windows firewall is disabled.
Abount point 2 and 3, there is nothing of similar on CSC Administration guide.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide