Solved

cannot get websense to use child domain user groups in filtering

Posted on 2008-10-07
2
1,395 Views
Last Modified: 2013-11-16
have websense installed and inegrated with checkpoint. primarily using the websense to filter traffic for the remote office that has an edge unit there. the central server as wel as filtering server is here in the main office, at the remote site I have a server that is running dc agent, and network service. problem is that I can only filter by IP address, whereas I am supposed to be able to filter by user groups.
I set up the central server to access ldap both at the primary site as well as the dc running the child domain in the remote office. finally got communication going as far as the ldap goes but now I get this

10/06/2008 19:02:19,Warning,WebsenseDCAgent,XidDcAgent,WsNTDomainsWinImpl.cpp:318,0x20010001,System error while enumerating the domain controllers. domain: RITANI-NY ecode: 6118 : message: The list of servers for this workgroup is not currently available

once again policy server is in a different location than the child domain. when I run net view /domain from the policy server I do not see the child domain in the list. Any help would be appreciated
0
Comment
Question by:GidonP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 17

Assisted Solution

by:sgsm81
sgsm81 earned 150 total points
ID: 22666949
Hi

Have you considered running Websense 7 which i believe has more flexibility ?

We had a similiar problem with AD integration via LDAP which seemed to work sporadically which is now OK since the upgrade.

NB an in place upgrade will currently not work as Websense have admitted a problem with the process, it will require a delete and re-install of Websense

Might be worth checking with Websense Support as well
0
 

Accepted Solution

by:
GidonP earned 0 total points
ID: 22669905
resolved the issue by copying the DN straight from adsiedit, I guess I need to learn to type better. Also redid the root context and got it resolved. Mind you this was done while sitting on hold waiting for support. I am waiting for them to fix the in place upgrade issue before we upgrade.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question