Endpoint User Group Lookup Fails - User Belongs to No Group
Article ID: 159713
Updated On:
Products
Data Loss Prevention Endpoint Prevent
Issue/Introduction
An Endpoint Policy uses Active Directory for targeting user groups. What happens when the Endpoint agent is unable to connect to the server because the agent machine is off the corporate network?
Resolution
Active Directory information is cached at the Endpoint. If a user is disconnected, then we used the cached AD information. The only time there would be a problem is if we are never able to connect to the AD server. If the User Groups are not available because they never connected in the Detection Request when needed, it is treated as if the User belongs to no groups and processing continues as normal. If agent does not ever restart, it would re-ping AD for the current group information every seven days. The default value of seven days is configurable.
Feedback
Yes
No
Powered by
