Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
847
Views
0
Helpful
0
Replies

FirePower agent 2.5

Muhannad Abu Shamma
Level 1
Level 1

‎12-14-2019 03:23 AM - edited ‎02-21-2020 09:45 AM

Dears, 

 

i need help related to cisco bug: CSCux82436.

 

Cisco Firepower management Center pulls user activity from the DC's event viewer and binds an Active Directory user to an ip-adress. However, in this case when no event-ID is generated, the FMC still believe it's user 2 that is logged in. This creates access lists-problems and surf privileges if you use AD-group based access list control.

 

Event ID 4778 and 4779 is by default generated when the user switch accounts, this called Fast User Switching (FUS), this is not supported in FPR agent as i have understood, but i am wondering if there are any Cisco agents that do support reading these events, EX: ISE-PIC or TS agent?

 

Or there are any workarounds to solve the FUS issue with FMC?

 

Looking forward to hearing from you.

 

Regards,

Muhannad

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card