cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Identity Collector Single User assumption

Jump to solution

Does Identity Collector have the ability to assume that only one user is connected per computer, as AD Query does?

I like that identity collector can ignore RDP events from the initiating computer, but I'm unsure if it has the ability to do single user assumption, or if this is assumed by default. We have many shared computers where we want the current logged in user to be the assumed single user.

1 Solution

Accepted Solutions
Employee+
Employee+

Re: Identity Collector Single User assumption

Jump to solution

Kaspars Zibarts‌ - thanks for tagging me.

Hi David,

PDP saves only one user and machine per IP.

It means, that "Assume that only one user is connected per computer" option (which is configurable in AD Query) is always enabled in Identity Collector.

I saw you have mentioned this is the desired behavior for you. If there is someone needs this to be changed (to be configurable), you are welcome to open RFE with your local office and discuss it with me.

Thanks,

Royi Priov - Identity Awareness R&D.

4 Replies

Re: Identity Collector Single User assumption

Jump to solution

It's partially true. Only single user is supported per IP address but the latest security event will determine user-IP association. For example, user A currently associated with IP x.x.x.x. Then this user runs an application as another user B on the same machine. That will trigger security event that will be passed onto IDC and as a result now IP x.x.x.x will be associated with user B.

At least that's how it works for us and is causing headaches as we have typically two user IDs on aa machine. I know that version that supports two user IDs per IP is coming out but it doesn't sound that will help you.

Royi Priov‌ might have better comments

0 Kudos

Re: Identity Collector Single User assumption

Jump to solution

Are you saying that the Identity Collector does single user assumption? In example, the most recent user login event for an IP is the one that is associated with the IP, and previous user associations are revoked.

This is the only case I need from Identity Collector, as I can make exemptions for any machines that have simultaneous remote sessions (for us would only be a few servers, all other computers only allow one user signed in at a time).

0 Kudos

Re: Identity Collector Single User assumption

Jump to solution

That's correct sir!    I was about to suggest exclusion list but left it out. Great to hear of it works for you

Employee+
Employee+

Re: Identity Collector Single User assumption

Jump to solution

Kaspars Zibarts‌ - thanks for tagging me.

Hi David,

PDP saves only one user and machine per IP.

It means, that "Assume that only one user is connected per computer" option (which is configurable in AD Query) is always enabled in Identity Collector.

I saw you have mentioned this is the desired behavior for you. If there is someone needs this to be changed (to be configurable), you are welcome to open RFE with your local office and discuss it with me.

Thanks,

Royi Priov - Identity Awareness R&D.