Threatpulse Auth Connector (BCCA) unable to see users in the AD tree


Article ID: 167001


Updated On:


CDP Integration Server


Threatpulse Auth Connector (BCC) unable to see users in the AD tree
The auth connector is in a resource tree and not the main production tree where the users live
The auth connector runs and connects to the Cloud
BCCA debug log does not show any users being uploaded from the interesting domain.


The resourse domain, or the domain in which BCCA resides, does not have sufficient Active Directory rights to view objects in the main or production AD tree.  It is possible that a two way domain trust does not exist between the two trees.  To resolve the issue, install BCCA onto a member or domain controller located in the main production tree, or establish a two way trust between the two domains.


BCCA and BCAAA share common debugging parameters.  (Please refer to 000010313 for information on how to enable a BCAAA debug and Windows SSO debug.  Both of those debugging parameters work in BCCA.)  Use the BCAAA debug parameters in the BCCA.INI file.

Please do the following steps:

1.)  Enable BCCA and WindowsSSO debugging for the Threatpulse auth connector.  See 000010313 above for details.
2.)  Once the parameters have been place in the appropriate INI files, then stop and start the BCCA service on the Windows server.
3.)  Perform your testing and get the appropriate files as described in 000010313.
4.)  If there are no users in the WindowsSSO debug files, then the issue is related to insufficient rights.