we installed identity collector.and then i controlled to the users source.and i saw that firewall took users information both AD query and identity collector. Should ad query be closed?
Identity Collector was meant to replace ADQuery, particularly in large environments.
If you're getting identities from Identity Collector, it's probably safe to disable ADQuery.
i disabled Ad query. and fw can reach users login information with collector. but sometimes some users are falling in guest mode.fw can not reach login information for some users. there are 4000 users in company
Probably worth a TAC case to investigate why, assuming you're talking to the same AD servers with the Collector as you were with ADQuery.
Also, if I'm not wrong you can query from which source you're collecting each identity using the command "pdp monitor user".
Agree with Dameon: you can safely stop using ADquery while you use Identity Collector. What will continue happening is the group queries using LDAP.
Retrieving data ...