Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2622
Views
0
Helpful
5
Replies

Sourcefire User Agent Authentication error

shubhamkulkarni39
Level 1
Level 1

‎07-08-2015 10:40 AM - edited ‎03-12-2019 05:43 AM

Hi All,

I am facing major issue in Sourcefire User agent, we want to integrate AD with Sourcefire,

We added Ldap Connection in Sourcefire, that successfully added,

we tried to install User agent on AD, but there was requirement for .net framework and sql, we installed and run User agent, 

now User agent is installed, but when we try to connect with AD, fill all parameters Server IP, Domain, User name , Password, but there was continues error showing there was a error connecting to server, please check user name password and permission (1),

we have done DCOM, WMI, RPC seetings in AD, but still problem exists,

Exact error is: Authentication Error connecting to AD IP address
System.UnauthorizedAccessException: Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
   at System.Management.ThreadDispatch.Start()
   at System.Management.ManagementScope.Initialize()
   at Tools.Troubleshooter.testADServerConnection()Unable to determine AD Server's OS. - 1

Can you help me for the same!

 

Thanks

 

3 people had this problem
Labels:
0 Helpful
5 Replies 5

Aaron O'Hare
Level 1
Level 1

‎11-05-2015 10:43 AM

What version of Windows is running on your DCs?

-AO

0 Helpful

wladimir.gruenemaier
Level 1
Level 1

‎12-10-2015 02:50 AM

Hi ,

i have the same problem. How did you solve it?

Thanks

0 Helpful

Pujita Patni
Cisco Employee
Cisco Employee

‎12-10-2015 05:36 AM

Hi,

I hope everything mentioned here is taken care of:

http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118637-configure-firesight-00.html

The username is a admin account ? Is it part of the domain ?

On Step 8, the doc suggests to enable "Allow" only to Remote Launch/Remote Activation. Can you also allow "Local Launch and Local Activation" as well and check.

Pujita

0 Helpful

john.cunningham
Level 1
Level 1

‎12-10-2015 06:07 AM

My similar issue was due to not being able to read the Security Events in Eventviewer. Nothing worked short of domain admin privs. A service account with elevated logging privs did not work. My less privileged but still very elevated account did not work. Our top AD guy custom made groups with specific logging rights. Still did not work. Still an issue. Perhaps the links in this thread will shed light.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card