I had configured AD integration on my CSC module without problem. The agent is installed directly on AD server (Windows 2003 R2 64 Bit)
From User Identification Settings page seems to be all ok.
After this, I had configured a policy for account administrator that block all web traffic. If I try to open a web page from server, the policy work correctly, if I try to open a web page on another client (after logged in as administrator) the policy not work and I can access to all the internet page.
I try to debug the problem and I found this:
when browse internet page from AD server seems to be no problem:
2010-10-25T13:01:16+-200 <4820-3368> Detected user (L********\Administrator) logon from (192.168.0.11)
2010-10-25T12:46:02+-200 <4820-6584> Query Id for (192.168.0.11) and found user (L********\Administrator) in group (L*******\Administrators) for TTL (540)
when browse internet page from a client:
2010-10-25T12:40:37+-200 <4820-5780> Detected user (L*********\Administrator) logon from (192.168.0.133)
2010-10-25T12:44:05+-200 <4820-6848> Query Id for (192.168.0.133) but not found
Re: Cisco CSC SSM Active directory integration issue
OK, we haven't seen similar issues with XP and 6.3.1172.3.
Please check the following:
1. The machine should be part of the windows domain
2. File Sharing should be enabled on the client machine
3. "Remote Registry" Service should be enabled (by default it is not enabled in Vista)
4. On the windows firewall, select "Windows Management Instrumentation (WMI)" as an exception program to allow in bound WMI calls. Also, make sure the "File and Printer Sharing" is part of the exception list.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :