During the Active Directory (AD) synchronization process via SpanVA, user accounts belonging to domains that are not configured as Primary or Secondary in the CloudSOC tenant are automatically ignored. Currently, if these domains are added to the tenant at a later date, SpanVA does not automatically re-evaluate or sync the previously ignored users during incremental syncs.
Symptoms:
SpanVA caches the status of user accounts during the discovery phase. If a domain is not recognized during the initial crawl, the associated users are flagged to be ignored. The sync logic does not currently trigger a re-validation of "ignored" accounts when the tenant domain list is updated. This behavior is tracked under Feature Request ISFR-3872.
To synchronize users after adding a new valid domain to the CloudSOC tenant, a Full Sync must be initiated. This forces SpanVA to bypass the cached "ignore" status and evaluate all users against the updated domain list.
Note: Performing a Full Sync does not impact production traffic or existing user data; it only ensures a comprehensive refresh of the user directory.
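As an added example (not Broadcom's code and not part of the original article), this Python helper compares an exported list of AD user addresses against the tenant domain list before and after a change, and lists the accounts that will only appear after a Full Sync. It assumes a user's domain is the part after "@" in the UPN or e-mail address; the article does not state which attribute SpanVA matches on, and all names and sample data here are constructed.

```python
from collections import defaultdict


def domain_of(address):
    """Return the lower-cased domain of a UPN/e-mail address, or None if malformed."""
    local, sep, domain = address.strip().rpartition("@")
    if not sep or not local or not domain:
        return None
    return domain.lower().rstrip(".")


def users_needing_full_sync(addresses, domains_before, domains_after):
    """Group users whose domain was not configured at the earlier sync but is now.

    Per the article, these accounts were flagged as ignored and incremental
    syncs do not re-evaluate them, so they are picked up only by a Full Sync.
    """
    newly_valid = {d.lower() for d in domains_after} - {d.lower() for d in domains_before}
    pending = defaultdict(list)
    for addr in addresses:
        dom = domain_of(addr)
        if dom in newly_valid:
            pending[dom].append(addr.strip())
    return dict(pending)


def still_ignored_domains(addresses, domains_after):
    """Domains present in the export that remain unconfigured in the tenant."""
    configured = {d.lower() for d in domains_after}
    found = {domain_of(a) for a in addresses}
    return sorted(d for d in found if d and d not in configured)


# Constructed sample data (assumption: one UPN or e-mail address per AD user).
ADDRESSES = [
    "alice@corp.example",
    "Bob@Subsidiary.Example",
    "carol@subsidiary.example ",
    "dave@partner.example",
    "svc-backup",  # no domain part: skipped
]
DOMAINS_BEFORE = ["corp.example"]                       # tenant list at the earlier sync
DOMAINS_AFTER = ["corp.example", "subsidiary.example"]  # after adding a domain

if __name__ == "__main__":
    for dom, users in users_needing_full_sync(ADDRESSES, DOMAINS_BEFORE, DOMAINS_AFTER).items():
        print(f"Full Sync required for {dom}: {users}")
    print("Still unconfigured:", still_ignored_domains(ADDRESSES, DOMAINS_AFTER))
```

The first list doubles as a checklist for confirming that the expected users appear in CloudSOC once the Full Sync completes.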
If you require the AD Sync to automatically detect domain changes without a manual full sync, please contact Broadcom Support or your Account Team to be added as an endorser for Ref: ISFR-3872.
For further guidance on SpanVA configuration, refer to the Official CloudSOC SpanVA TechDocs.