
Cisco CSC SSM Active directory integration issue

Danilo Molini
Level 1

Hi All,

I had configured AD integration on my CSC module without problems. The agent is installed directly on the AD server (Windows 2003 R2 64 Bit).

From the User Identification Settings page, everything seems to be OK.

ad_integration.png

After this, I configured a policy for the administrator account that blocks all web traffic. If I try to open a web page from the server, the policy works correctly; if I try to open a web page on another client (after logging in as administrator), the policy does not work and I can access all internet pages.

I tried to debug the problem and I found this:

When browsing internet pages from the AD server, there seems to be no problem:

2010-10-25T13:01:16+-200 <4820-3368> Detected user (L********\Administrator) logon from (192.168.0.11)

2010-10-25T12:46:02+-200 <4820-6584> Query Id for (192.168.0.11) and found user (L********\Administrator) in group (L*******\Administrators) for TTL (540)

When browsing internet pages from a client:

2010-10-25T12:40:37+-200 <4820-5780> Detected user (L*********\Administrator) logon from (192.168.0.133)

2010-10-25T12:44:05+-200 <4820-6848> Query Id for (192.168.0.133) but not found

Could anyone help me?

Regards

Danilo
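
The log pattern in the post above (a logon is detected for an address, but the later identity query for that address returns nothing) can be pulled out of a longer agent log automatically. This is an added example, not part of the original post or any Cisco/Trend Micro tooling; the function names and the `EXAMPLE` domain in the constructed sample are assumptions, and only the three line formats quoted in the post are parsed.

```python
import re
from collections import defaultdict

# Constructed sample in the agent-log format quoted in the post
# (EXAMPLE is a placeholder domain, not a value from the thread).
SAMPLE_LOG = """\
2010-10-25T13:01:16+-200 <4820-3368> Detected user (EXAMPLE\\Administrator) logon from (192.168.0.11)
2010-10-25T12:46:02+-200 <4820-6584> Query Id for (192.168.0.11) and found user (EXAMPLE\\Administrator) in group (EXAMPLE\\Administrators) for TTL (540)
2010-10-25T12:40:37+-200 <4820-5780> Detected user (EXAMPLE\\Administrator) logon from (192.168.0.133)
2010-10-25T12:44:05+-200 <4820-6848> Query Id for (192.168.0.133) but not found
"""

# Every line starts with a timestamp and a <pid-tid> style tag.
PREFIX = r"^\S+\s+<[\d-]+>\s+"
LOGON = re.compile(PREFIX + r"Detected user \((?P<user>[^)]*)\) logon from \((?P<ip>[^)]*)\)")
HIT = re.compile(PREFIX + r"Query Id for \((?P<ip>[^)]*)\) and found user \((?P<user>[^)]*)\)")
MISS = re.compile(PREFIX + r"Query Id for \((?P<ip>[^)]*)\) but not found")


def summarize(log_text):
    """Group logon detections and identity-query results by client IP."""
    per_ip = defaultdict(lambda: {"logons": [], "hits": 0, "misses": 0})
    for line in log_text.splitlines():
        line = line.strip()
        if m := LOGON.match(line):
            per_ip[m["ip"]]["logons"].append(m["user"])
        elif m := HIT.match(line):
            per_ip[m["ip"]]["hits"] += 1
        elif m := MISS.match(line):
            per_ip[m["ip"]]["misses"] += 1
    return dict(per_ip)


def unmapped_clients(log_text):
    """Return IPs where a logon was detected but an identity query failed,
    i.e. the symptom described in the post for the XP client."""
    return sorted(ip for ip, s in summarize(log_text).items()
                  if s["logons"] and s["misses"])


if __name__ == "__main__":
    for ip in unmapped_clients(SAMPLE_LOG):
        print(f"{ip}: logon detected but identity query not found")
```

Addresses it reports are the ones to run the client-side checks against first.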


Panos Kampanakis
Cisco Employee

What CSC version are you running?

What computers have the issue? Are the users Windows 7, Vista, XP?

PK

The CSC version is the latest release (6.3.1172.3).

The client computers are XP.

OK, we haven't seen similar issues with XP and 6.3.1172.3.

Please check the following:

1.  The machine should be part of the windows domain

2.  File Sharing should be enabled on the client machine

3.  "Remote Registry" Service should be enabled (by default it is not enabled in Vista)

4.  On the Windows firewall, select "Windows Management Instrumentation (WMI)" as an exception program to allow inbound WMI calls. Also, make sure that "File and Printer Sharing" is part of the exception list.

    Port 445 enabled

If the issue persists open a case with TAC.

I hope it helps.

PK

1) The machine is part of the Windows domain;

2) What do you mean by "file sharing"?

3) On the client machine?

4) The Windows firewall is disabled.

About points 2 and 3, there is nothing similar in the CSC Administration guide.

Regards.
