10-31-2024 05:45 AM
Hello!
I need an help! I'm having an issue on the user identify on a FMC. I am using the new Passive Identity Agent.
I already opened a Cisco TAC, but they just says me that this is an AD issue and on the FMC and Agent the configuration is good.
My deployment is FMC 7.6, FTD 7.2 and AD running on Windows Server 2016.
In the CiscoPassiveIdentityAgent.log I found these errors:
2024-10-31 09:11:07,802 ERROR - Domain Controller 10.16.0.10 , Error occurred reading history events Invalid query
2024-10-31 09:11:07,802 ERROR - Domain Controller 10.16.0.10 , Error occurred reading history eventsInvalid query
Any tip on how to troubleshoot it will help me as I am with no ideas on how to find the error.
I attached the agent log with debug enabled.
Thanks in advance
Solved! Go to Solution.
10-31-2024 02:25 PM
Have you looked at the event viewer? More specifically, what is called in this doc? Also, it is probably worth reaching out to Microsoft support if Cisco TAC already reviewed and validated your configuration.
Thank you for rating helpful posts!
10-31-2024 02:25 PM
Have you looked at the event viewer? More specifically, what is called in this doc? Also, it is probably worth reaching out to Microsoft support if Cisco TAC already reviewed and validated your configuration.
Thank you for rating helpful posts!
11-01-2024 05:57 AM
Hi @nspasov! Thanks a lot!
This document helped me to solve the issue:
- there was no 4768 and 4770 event ID on the log
- I was able to see the logs enabling Audit Kerberos Authentication Service and Audit Kerberos Service Ticket Operations.
- The issue happened because on the past someone (we never are able to find who) enabled the Audit Account Lockout.
11-01-2024 06:11 AM
I am glad I was able to help solve the problem! Also, thank you for taking the time to come back and post the root cause and solution!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide