![]() If you configure a realm for an Active Directory server that includes or excludes users who are members of a secondary group on your Active Directory server, your server may be limiting the number of users it reports.īy default, Active Directory servers limit the number of users they report from secondary groups. Users are not included or excluded as specified in your realm configuration ![]() If the appliances are not synchronized, the system may perform user timeouts at unexpected intervals. If you notice the system performing user timeouts at unexpected intervals, confirm that the time on your User Agent or ISE device is synchronized with the time on the ASA FirePOWER module. User timeouts are occurring at unexpected times If you notice unexpected server connection behavior, consider tuning your realm configuration, device settings, or server settings. If your access control parameters are too broad, the ASA FirePOWER module obtains information on as many users as it can and reports the number of users it failed to retrieve in the task queue. When choosing which users and groups to include, make sure the total number of users is less than your model limit. The maximum number of users you can store and use in access control depends on your device model. User activity data is stored in the user activity database and user identity data is stored in the users database. If you configure a realm to download users (for user awareness or user control), the ASA FirePOWER module regularly queries the server to obtain metadata for new and updated users whose activity was detected since the last query. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |