Hello all,
I have a bunch of questions regarding Identity Awareness... I have not yet managed to find related information to answer all my concerns, so I would very much appreciate it is someone could shed some light on the matter or point me into the right direction (links, docs etc).
In our environment (R80.30) we use Identity Collectors instead of running ad query, to get user information and the like. As I understand this information is received and processed by the gateways for pdp/pep. After capturing packets between the SMS and a domain controller I saw that there was DCERPC communication between the two, in order for the SMS to get information from the DCs security logs. Why is this needed? Isn't the Identity Collector responsible for obtaining this info? Why is this also needed on the SMS? I was under the impression that the SMS only used ldap/ldaps to communicate with the domain controllers. Where do the other communications come into play?
Thank you in advance.