05-11-2017 09:19 AM - edited 03-12-2019 06:23 AM
Yes, we use our SourceFire and FirePower management application for our web filter as well. We've synced SourceFire up with our ActiveDirectory (AD) server for LDAP integration on our domain. We allow users in certain AD user groups access to certain sites depending on their job role. We already have all of the user group policies in place in the firewall. My question is when we add a user to a user group and save then deploy the policy, it takes a good while for that change to take effect for the end user even after the deployment completes. We've added users towards the end of the day and it seems to take overnight for the user to finally have access to those sites the following morning. However, we can add entries to our policy to whitelist a domain on the back end that bypasses AD and deploy it and it happens immediately after deploying. Does anyone know how long exactly this is supposed to take usually or if there's a setting we can change to not have this take so long? Let me know if you need any more information.
Thank you in advance for your help!
Solved! Go to Solution.
05-11-2017 10:23 AM
Firepower Manager downloads the users and Group information from the AD every 24 hours by default. I think the default time to do this is midnight or 1am. This may be why this works the next day for you. You can change this setting on the FMC to a shorter period in the location:
System>Integration>Realms>Edit Realm>User Download
05-11-2017 10:23 AM
Firepower Manager downloads the users and Group information from the AD every 24 hours by default. I think the default time to do this is midnight or 1am. This may be why this works the next day for you. You can change this setting on the FMC to a shorter period in the location:
System>Integration>Realms>Edit Realm>User Download
05-11-2017 11:25 AM
Thanks Rahul! I believe that was it. There's also a Donwload Now button to force a sync which is great!
Have a great day.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide