Solved

cannot get websense to use child domain user groups in filtering

Posted on 2008-10-07
2
1,377 Views
Last Modified: 2013-11-16
have websense installed and inegrated with checkpoint. primarily using the websense to filter traffic for the remote office that has an edge unit there. the central server as wel as filtering server is here in the main office, at the remote site I have a server that is running dc agent, and network service. problem is that I can only filter by IP address, whereas I am supposed to be able to filter by user groups.
I set up the central server to access ldap both at the primary site as well as the dc running the child domain in the remote office. finally got communication going as far as the ldap goes but now I get this

10/06/2008 19:02:19,Warning,WebsenseDCAgent,XidDcAgent,WsNTDomainsWinImpl.cpp:318,0x20010001,System error while enumerating the domain controllers. domain: RITANI-NY ecode: 6118 : message: The list of servers for this workgroup is not currently available

once again policy server is in a different location than the child domain. when I run net view /domain from the policy server I do not see the child domain in the list. Any help would be appreciated
0
Comment
Question by:GidonP
2 Comments
 
LVL 17

Assisted Solution

by:sgsm81
sgsm81 earned 150 total points
Comment Utility
Hi

Have you considered running Websense 7 which i believe has more flexibility ?

We had a similiar problem with AD integration via LDAP which seemed to work sporadically which is now OK since the upgrade.

NB an in place upgrade will currently not work as Websense have admitted a problem with the process, it will require a delete and re-install of Websense

Might be worth checking with Websense Support as well
0
 

Accepted Solution

by:
GidonP earned 0 total points
Comment Utility
resolved the issue by copying the DN straight from adsiedit, I guess I need to learn to type better. Also redid the root context and got it resolved. Mind you this was done while sitting on hold waiting for support. I am waiting for them to fix the in place upgrade issue before we upgrade.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Do you have users whose passwords are expiring and they are constantly calling you?  Well I sure did and needed a way to put an end to this.  We have a lot of remote users which would not be notified that their passwords were expiring since they wer…
Installing a printer using group policy preferences is not that hard let’s take a look at it. First lets open up your group policy console and edit the policy you want to add it to. I recommend creating a new policy for each printer makes it a l…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now