
Endpoint User Group Lookup Fails - User Belongs to No Group


Article ID: 159713


Updated On:


Data Loss Prevention Endpoint Prevent


An Endpoint Policy uses Active Directory for targeting user groups.  What happens when the Endpoint agent is unable to connect to the server because the agent machine is off the corporate network?


Active Directory information is cached at the Endpoint. If a user is disconnected, the agent uses the cached AD information. The only time there would be a problem is if the agent is never able to connect to the AD server. If the User Groups are not available when needed in the Detection Request because the agent never connected, the user is treated as belonging to no groups and processing continues as normal. If the agent never restarts, it re-pings AD for the current group information every seven days. The default value of seven days is configurable.