Firepower Defense Center External User Authentication - adding / removing users automatic?

06-28-2018 12:31 PM - edited 02-21-2020 07:55 AM
We are using external authentication with our FMC and it is working correctly. My question is: do the usernames get added automatically and removed automatically when they are added to the appropriate Active Directory group, or is that process manual?
It seems the addition of the username is automatic.
Labels: NGFW Firewalls
06-28-2018 01:41 PM
As long as Firepower has an AD trust relationship, the device passes the authentication to AD, so they are not stored locally.
BB
06-29-2018 04:20 AM
I'm talking specifically about the usernames that I see in the FMC, not the passwords. How are they added and removed for external users? Can it be automatic, based on what the FMC finds in the AD group?
This is for our access control reviews. If the usernames aren't automatically removed from FMC when removed from an AD group, then we must perform some kind of reconciliation report to make sure those usernames are taken out on a regular basis. It seems FMC should query AD periodically?
