Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
andersplarsson
Contributor

why does my stand alone Smart Event server authenticating towards the AD?

Hi,

Got two questions I cant get my head around which is:

1. why does my stand alone Smart Event server authenticating towards the AD?

2. Changed credentials for for access towards our AD and changed the credentials in the object "LDAP-Account-Unit" that the gateways are using and of course changed the credentials in our Identity Collectors and all looks fine so far. However our SmartEvent gateway is still using the old credentials and we get failed logins in the AD from this server. 

Were else are these credentials used in the Smart Event config and if only in the object "LDAP-Account-Unit" why is this not being updated. For the gateways I had to push and install policies but should not be needed or cant be done for the Smart Event host.

 

 

Regards,

Anders Larsson

0 Kudos
14 Replies
_Val_
Admin
Admin

SmartEvent gateway - you probably mean server?

Perform "Install Database" on this server from your main management server and check again.

andersplarsson
Contributor

Yes, server of course. the "Install Database" from main menu in SmartConsole? What exactly does that do? 

0 Kudos
the_rock
Legend
Legend

Val makes a good point, just do install database on it. Also, Im not sure what you mean by standalone smart event server...either its standalone (gateway + mgmt (mgmt part has SE enabled) OR its only mgmt that has smart even enabled OR it also could be separate dedicated smart event server ONLY.

0 Kudos
andersplarsson
Contributor

This is a separate dedicated Smart Event Server.

 

0 Kudos
the_rock
Legend
Legend

K, great. To answer yuour other ?, install database is literally as if you are pushing policy to the firewall, but you are updating database on the mgmt server.

andersplarsson
Contributor

But I see no authentications done with faulty credentials from the Management-blade. The faulty authentication comes only from Smart Event-host.

/Anders

0 Kudos
_Val_
Admin
Admin

You made auth changes through SmartConsole connected to your management server. To make changes effective on your SmartEvent server, install database on it. I think we mentioned that like 10 times already 🙂

_Val_
Admin
Admin

Perform local Install DB action then.

0 Kudos
_Val_
Admin
Admin

Although, I am a bit confused here. When you say "separate dedicated SmartEvent Server", what do you mean exactly? Is it or is it not part of your centrally managed environment? If it is a "standalone", how does it receive logs from your security system? Where SIC between this server and your FWs/log servers defined?

0 Kudos
the_rock
Legend
Legend

I could be wrong when I say this, but let @andersplarsson configm. I believe he has single mgmt, separate gw (cluster) and dedicated SE server only, so the logs are being forwarded to it from the mgmt server. Not 100% sure, but logically sounds like that might be the case.

Andy

0 Kudos
andersplarsson
Contributor

What I mean with stand-alone is that its not integrated or installed on same host as the management-blade.

Regards,

/Anders

0 Kudos
_Val_
Admin
Admin

So it is still managed from your SMS. Go to SmartConsole, connect to your SMS and install DB on your SmartEvent server. Let us know if it helps.

0 Kudos
andersplarsson
Contributor

Hi, forgot to reply to this. I have opened a TAC case and its still ongoing. The Made the "install database" but no change. 

Regards,

Anders Larsson

the_rock
Legend
Legend

Thanks for letting us know.

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events