Solutions

Threatpulse Auth Connector (BCCA) unable to see users in the AD tree

Solutions ID:    KB4581
Version:    1.0
Status:    Published
Published date:    08/23/2011
 

Problem Description

Threatpulse Auth Connector (BCC) unable to see users in the AD tree
The auth connector is in a resource tree and not the main production tree where the users live
The auth connector runs and connects to the Cloud
BCCA debug log does not show any users being uploaded from the interesting domain.

Resolution

The resourse domain, or the domain in which BCCA resides, does not have sufficient Active Directory rights to view objects in the main or production AD tree.  It is possible that a two way domain trust does not exist between the two trees.  To resolve the issue, install BCCA onto a member or domain controller located in the main production tree, or establish a two way trust between the two domains.

TROUBLESHOOTING:

BCCA and BCAAA share common debugging parameters.  (Please refer to KB2934 for information on how to enable a BCAAA debug and Windows SSO debug.  Both of those debugging parameters work in BCCA.)  Use the BCAAA debug parameters in the BCCA.INI file.

Please do the following steps:

1.)  Enable BCCA and WindowsSSO debugging for the Threatpulse auth connector.  See KB2934 above for details.
2.)  Once the parameters have been place in the appropriate INI files, then stop and start the BCCA service on the Windows server.
3.)  Perform your testing and get the appropriate files as described in KB2934.
4.)  If there are no users in the WindowsSSO debug files, then the issue is related to insufficient rights.

 


Rate this Page

Please take a moment to complete this form to help us better serve you.

Did this document help answer your question?
 
 
If you are finished providing feedback, please click the RATE CONTENT button. Otherwise, please add more detail in the following text box and then click RATE CONTENT.
 
 

Your response will be used to improve our document content.

Ask a Question