I have a lab set up to test ACLs with AD users/groups.
3 VMware instances on one host machine:
Microsoft Server 2012 with Active Directory and DNS
Cisco Context Directory Agent
This host is connected to the "Server" interface of the firewall and both
DC/DNS = 192.168.1.100
CDA = 192.168.1.200
Windows 7 = Varied (change to test IP Mapping of CDA)
Host = 192.168.1.10
ASA = 192.168.1.1
I have full communication between all devices, firewalls disabled on host machines, and full any/any rules on the firewall to prevent any traffic from being blocked as I troubleshoot this.
The agent is connected up to the domain controller and does correctly map users to IPs as I log in/out.
The ASA has the agent configured and tests just fine when I use the Test button in ASDM.
From the ASA CLI I am able to query AD and pull a list of AD groups and users.
I have ACLs created that use the domain\user as the source with any/any just trying to see if anything will match.
When I go to Monitoring > Identity > Users, the users that I have in the ACLs appear as inactive.
Any assistance with this would be greatly appreciated. Previously I had this lab set up with the AD Agent and was able to get this to work with on-demand mode but not full-download. Now with CDA I am unable to get either going.