Solved: Both of these Microsoft

Nicolas BOULET · ‎04-03-2015

Hello,

i have a new farm with only DC2012R2 controlers. Tried to install the last version agent, but i can't start the service, or lauch the config interface.

Any news if it's compatible ?

thx

Pranay Prasoon · ‎04-04-2015

can you share snapshot of error message? I am 100% sure that UA 2.2 can be installed on 2012 R2. Please make sure Microsoft .NET Framework Version 4.0 Client Profile and SQL CE Version 3.5 are installed.

View solution in original post

Pranay Prasoon · ‎04-03-2015

Hi Nicolas,

CDA very much supports windows 2012R2 with Patch 3. However if you are looking for AD agent (old product) then I don't think it will support.

http://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/release_notes/cda10_rn.html

However you need to make sure that username and password that you provide on CDA for DC is for admin group or not. if it is then you need to have following registry setting on DC

For Windows 2008 R2,Windows 2012, and Windows 2012 R2, the Domain Admin group does not have full control on certain registry keys in the Windows operating system by default. In order to get the CDA to work, Active Directory admin must give the Active Directory user Full Control permissions on the following registry keys:

HKEY_CLASSES_ROOT\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}
HKLM\Software\Classes\Wow6432Node\CLSID\{76A64158-CB41-11D1-8B02-00600806D9B6}

In order to grant full control, the Active Directory admin must first take ownership of the key. To do this:

Step 1 Go to the Owner tab by right clicking the key.

Step 2 Click Permissions .

Step 3 Click Advanced .

If not then also you can make it connect, please follow section

Permissions Required when an Active Directory User is Not a Member of the Domain Admin Group on below link:-

http://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/release_notes/cda10_rn.html

Thanks

Nicolas BOULET · ‎04-04-2015

Ok, so CDA replace the FirePower AD Agent ?

It will work with the last Virtual Defenser Center 5.4.1 ?

Pranay Prasoon · ‎04-04-2015

Hi Guys,

Sorry I didn't realize this was in source fire section, CDA is only supported by ASA and PRSM. However for sourcefire I have seen many customer using SFUA 2.2 to query windows 2012 R2 and it works fine. Release notes don't specify R2 but it talks about 2012. But it should be supported

https://support.sourcefire.com/downloads/1467/fetch

https://support.sourcefire.com/downloads/1468/fetch

Please make sure that you make sure to have proper permission. See this document

http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/118637-configure-firesight-00.html

Nicolas BOULET · ‎04-04-2015

I only have new fresh installed Windows 2012 R2 domain controler. As an domain admin account i can install the agent, but the service can't start, and can't access the option panel

Pranay Prasoon · ‎04-04-2015

can you share snapshot of error message? I am 100% sure that UA 2.2 can be installed on 2012 R2. Please make sure Microsoft .NET Framework Version 4.0 Client Profile and SQL CE Version 3.5 are installed.

Nicolas BOULET · ‎04-05-2015

after install the SQL CE Version 3.5 on the 2012R2 controler, it works

thank's

mikgruff3 · ‎04-04-2015

I think we are comparing apples and oranges, The CDA agent is NOT the Sourcefire user agent? Am I off base here?

sgtjustice · ‎05-01-2015

Both of these Microsoft applications do not list Server 2012, let alone server 2012r2 as a supported OS for the installation as far as I have been able to find. Any note on this? The UA 2.2 documentation gives specific executable file names for the installation of those 2 components. (dotNetFx40_Client_x86_x64.exe and SSCERuntime-ENU.exe)

Any help is greatly appreciated!

Windows 2012 R2 compatibility with User AD Agent ?

Permissions Required when an Active Directory User is Not a Member of the Domain Admin Group on below link:-