SpanVA DSS Users are not getting Synced into CloudSOC

Article ID: 276121


Products

CASB Advanced Threat Protection, CASB Audit, CASB Gateway, CASB Gateway Advanced, CASB Security Advanced, CASB Security Advanced IAAS, CASB Security Premium, CASB Security Premium IAAS, CASB Security Standard, CASB Securlet IAAS, CASB Securlet SAAS, CASB Securlet SAAS With DLP-CDS

Issue/Introduction

SpanVA DSS Groups are getting synced into CloudSOC but not Users.

An example of SPANVA MONITORING logs:

2024-01-16 12:47:15,340 - activedir_sync - DEBUG - adsync_profile_1-All users from active directory server at ldap://XXXXXXXXXXXXXXXXXXXXX have already been sync'd. No new users
2024-01-22 08:28:49,919 - activedir_sync - INFO - adsync_profile_1-ad_base_dn:DC=COMPANYNAME,DC=CORP, ad_url:ldap://XXXXXXXXXXXXXXXXXXXXX, ad_admin_user:AD-BC_SpanVa@XXXXXXXXX
2024-01-22 08:28:49,923 - activedir_sync - DEBUG - adsync_profile_1-Syncing user/groups from active directory, full_sync=False, sync_once=True, sync_interval=3600 seconds
2024-01-22 08:28:49,926 - activedir_sync - DEBUG - adsync_profile_1-Deletion anomaly checking is not active.
2024-01-22 08:29:04,461 - activedir_sync - INFO - adsync_profile_1-Groups to add/update : 7
2024-01-22 08:29:04,480 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing 7 new/updated groups from Active directory
2024-01-22 08:29:38,869 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing 1384 new/updated users from Active directory
2024-01-22 08:29:38,995 - activedir_sync - INFO - adsync_profile_1-Number of invalid users 4364
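
To spot this symptom across sync profiles, the counters in log lines like those above can be summarized per profile. The following is an added example, not Broadcom code: the adsync_profile_2 lines are constructed, the 50% threshold is an assumed value, and the ratio assumes the synced and invalid user counts do not overlap.

```python
import re

# Constructed sample in the format of the SpanVA monitoring log shown above;
# the adsync_profile_2 lines are invented for contrast.
SAMPLE_LOG = """\
2024-01-22 08:29:04,480 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing 7 new/updated groups from Active directory
2024-01-22 08:29:38,869 - activedir_sync - DEBUG - adsync_profile_1-Completed syncing 1384 new/updated users from Active directory
2024-01-22 08:29:38,995 - activedir_sync - INFO - adsync_profile_1-Number of invalid users 4364
2024-01-22 09:00:01,100 - activedir_sync - DEBUG - adsync_profile_2-Completed syncing 3 new/updated groups from Active directory
2024-01-22 09:00:09,200 - activedir_sync - DEBUG - adsync_profile_2-Completed syncing 250 new/updated users from Active directory
2024-01-22 09:00:09,300 - activedir_sync - INFO - adsync_profile_2-Number of invalid users 0
"""

LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) - activedir_sync - "
    r"\w+ - (?P<profile>adsync_profile_\d+)-(?P<msg>.*)$")
COUNTERS = {
    "groups": re.compile(r"Completed syncing (\d+) new/updated groups"),
    "users": re.compile(r"Completed syncing (\d+) new/updated users"),
    "invalid": re.compile(r"Number of invalid users (\d+)"),
}

def summarize(log_text):
    """Return {profile: counters}, keeping the last value seen per counter."""
    stats = {}
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # wrapped or unrelated line
        entry = stats.setdefault(m["profile"], {"groups": 0, "users": 0, "invalid": 0})
        for key, rx in COUNTERS.items():
            hit = rx.search(m["msg"])
            if hit:
                entry[key] = int(hit.group(1))
    return stats

def attribute_mismatch_suspects(stats, threshold=0.5):
    """Profiles where groups sync but most users are rejected as invalid."""
    suspects = []
    for profile, s in sorted(stats.items()):
        total = s["users"] + s["invalid"]  # assumption: the two counts are disjoint
        if s["groups"] > 0 and total and s["invalid"] / total >= threshold:
            suspects.append((profile, round(s["invalid"] / total, 3)))
    return suspects

if __name__ == "__main__":
    for profile, ratio in attribute_mismatch_suspects(summarize(SAMPLE_LOG)):
        print(f"{profile}: {ratio:.1%} of users invalid, check the attribute mapping")
```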

Resolution

In many cases, when groups are synchronized from LDAP but users are not, the attributes configured in LDAP and in SpanVA do not match.

Make sure that the attribute setting configuration on CloudSOC > Settings > CloudSOC SpanVA matches your configuration in SpanVA and your LDAP provider.

The most commonly used attribute in SpanVA is the Email attribute, for which one chooses userPrincipalName. After the change, make sure to apply it in the SpanVA synchronization [SpanVA > DSS > Sync]. Within approximately 3-5 minutes, users should start getting imported into CloudSOC. If not, switch the attribute from userPrincipalName to mail, run a sync, and then apply it again in the SpanVA synchronization.

Refer to Default directory sync user attributes

The other possibility is that users are invalid and not synchronized because the domain for the UPN is not added as a secondary domain or the domain is not valid.