Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Netadmin2020
Contributor

Identity Collector not fetching logins

Good morning!

I just finish with IDA Setup. The connections seems to be fine but I cannot see any logins. Is anything that I missing here?

identity 1.JPG

identity 2.png

identity 3.JPG

  

identity 4.JPG

identity 5.JPG

0 Kudos
Reply
11 Replies
PhoneBoy
Admin
Admin

What version/JHF of gateway?
Do you see any TCP connections between IDC and the gateway?

0 Kudos
Reply
Netadmin2020
Contributor

I manage to set it all working.

two questions:

a) I add 38 Domain Controllers and I read that the limit is 35 domain controllers per connector ..

b) how exactly the priority of identity works ? I mean each site has a central Domain Controller if this failed , how exactly the polling choose which will be the one that will pull the identity of a user ?

thank you 

0 Kudos
Reply
Martin_Valenta
Advisor

did you configure any rule with access role and installed that policy?

Also check logs for blade:Identity awareness

0 Kudos
Reply
PhoneBoy
Admin
Admin

You will need to deploy another IDC in this case.

Keep in mind that IDC is only acquiring the username, namely from the AD logs.
There is no "priority" for this part.
The gateway has to query AD for groups.
The priority in this case is ordered as you configure where "first to respond" wins.

Netadmin2020
Contributor

a) I have deploy 2 IDCs but they are exactly the same. Each pool that I have created included 38 DCs. (So can i divide it here 35 per DC?)

b) So mean that IDCs communicate with the AD pulls the information of each DC and sent it every 10 seconds to the gateways.?

0 Kudos
Reply
PhoneBoy
Admin
Admin

Each IDC should talk to no more than 35 AD (Log) Servers.
What configuration you use to achieve that is up to you.
If IDC learns the same thing from multiple AD (Log) servers within a few minutes, it’s only going to send it to the gateway once.

0 Kudos
Reply
Netadmin2020
Contributor

I have setup 2 IDC’s the second one is for redundancy. Each DC report for a different site. So each of one them is important. How can I do it ? 

0 Kudos
Reply
PhoneBoy
Admin
Admin

If you have two set up for redundancy right now with 38 AD servers, you will now need four.
The IDC instances should be set up close (network-wise) to the different AD servers. 

0 Kudos
Reply
Martin_Valenta
Advisor

we have exactly same kind of setup 36 AD and two IDC servers, each gateway is connected to both IDC. IDC will always keep in record firstly arrived event, other events for same IP,username are ignored.

0 Kudos
Reply
Netadmin2020
Contributor

As I said it is working now ! If it is possible someone to answer the above questions

0 Kudos
Reply
Netadmin2020
Contributor

Guys I have disabled the AD Query and now is only with the collectors.

The thing is I have cases that it does not identify a small number of users at all and a case that it has identify a user but  the traffic is dropped.

Please help

 

0 Kudos
Reply