cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

432
Views
0
Helpful
1
Replies
pavelkulakov
Beginner

Context Directory Agent ip-to-user mapping missing (or being removed unexpectedly)

Hello!

We have encountered a problem with our Identity Firewall scheme recently (it works on CDA, 4 Microsoft 2012R2 DCs and Cisco ASA as a consumer device). We've noticed that some ip-to-user mappings are missing on CDA although users are in domain and stay online. All 4 DCs are up and operational and send security log to CDA. No errors were noticed on CDA's Live Log. Finally we were able to find a couple of users that disappear from Ip-to-address mapping list for no reason. What is the condition of mapping removal from CDA and what could be the possible source of a problem?

P.S CDA ver 1.0.0.011 patch 5

BR,

Pavel

1 REPLY 1
pavelkulakov
Beginner

Problem is solved. The issue was in test ASA device attached to CDA. It had unnecessary parameters (inactive and NetBIOS timers) because of which it sent mapping removal request to CDA. CDA then sent this request to production devices.

Content for Community-Ad