WonTonDon

Kaspersky Active Directory polling [INC000007803856] [Solved]


Running: KSC 10.2.434

KES 10.2.4.674 & 10.2.535 MR1

 

Hi

 

If an object is deleted from Active Directory the object remains in Kaspersky until we manually delete it.

 

I understand the object can be removed from a group after X amount of days inactive but cannot find an option to remove it from the console completely through some sort of AD sync.

 

In the properties of Active Directory container, I have

 

- 'Poll current Active Directory domain' enabled

 

Please advise

 

Thanks!

 


Hi,

 

I'm sorry, I'm not sure I understood you correctly.

Are you trying to figure out if an object should be removed from KSC after it was deleted from AD?

Thank you!


Yes. If I delete an object from AD, will it be automatically removed from KSC?

 

Thanks!

 

Hi,

 

All changes from AD should be transferred to KSC at AD scanning.

 

Thank you!

 

Hi Nikolay,

 

Thanks for your reply.

 

Can you please confirm if this should happen immediately or after a delay?

 

Thanks!


There is no explicit lifetime parameter for the polling results.

The implicit lifetime is equal to the polling interval.

The data received at the next polling completely replaces the old data.

Thank you.


Thanks for this information; however, it does not seem to delete objects that have been removed since the last poll.

 

 

 

The poll is set to run every 60 minutes and succeeds.

 

 

So for example I have these objects in a managed group.

 

However those objects no longer exist in AD because they have been deleted.

 

 

 

I then have to delete these objects from KSC.

 

 

 

What I want to happen is an AD poll sees that the object it relates to in AD no longer exists and removes it from the console.

 

 

 

I wanted to confirm if there was anything that can be set up to achieve this or if I need to continue doing it manually.


Hello.

 

Please clarify whether the polling currently discovers new objects as they appear but fails to remove the deleted ones, or it simply fails to update altogether?

 

Thank you!


Hi Kirill,

 

Thank you for your reply. New objects are discovered successfully, but it fails to remove deleted ones.

 

Thank You!

Hi,

 

Are you saying that they are not removed automatically?

Can you delete them manually?

 

BR

 

 

Thank you for your help on this. No further help required :)

Please share your solution.

Thank you.

 

Hello! I am also interested in the solution, because I tested integration of KSC with AD and have the same problem. When I move a PC in AD, it moves in KSC the same way. But when I delete a PC in AD, it still exists in KSC and I must delete the PC manually in KSC.

 

 

And one more question, please.

 


 

From documentation:

By clicking Advanced, you get access to domain scan settings:

 

Scan current Active Directory domain – the domain within which the Administration server is installed.

Scan current Active Directory domain forest – scan full corporate domain structure.

Scan specified Active Directory domains – lets you make a selection of domains to scan.

 

I can't understand what account KSC uses for sync with AD in items 1 and 2. In the third item you specify the address of AD and the system account to use. In the first and second, no account can be specified, but it works. How? With what credentials does KSC poll AD?

 

 

Thanks!


Hello,

 

Please state the exact build of the KSC server.

Thank you.

 


KSC version 10.3.407

 

As I understand, the AD polling/integration function hasn't changed since version 8.0, because the documentation for versions 8, 9 and 10 of KSC is the same. I did not find any global differences...

 

Thanks!


Bumping this thread. Would like to know the solution as well and the answer to the following: "I can't understand what account KSC uses for sync with AD in items 1 and 2. In the third item you specify the address of AD and the system account to use. In the first and second, no account can be specified, but it works. How? With what credentials does KSC poll AD?"


Hello.

 

For Active Directory polling to work properly, it is mentioned, the Administration Server must either have domain administrator permissions, or be running under a domain administrator account: AD polling is performed using the Administration Server service account.

 

Thank you.


This can be resolved. For those wondering about the answer:

AD scanning is done by the Network Agent and not the Administration Server service, and if the machine is joined to AD, it will have read privileges.

As you can see, the local user that runs the Security Center has nothing to do with querying Active Directory; the domain membership of the server does.

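The thread leaves removal of computers deleted from AD as a manual step in KSC. The following added example (not from any poster or from Kaspersky) lists devices in a KSC device export that no longer have a computer object in AD, so the manual cleanup can work from a list. The CSV layout with a `Name` column, the function names and the sample host names are assumptions; `Get-ADComputer` comes from the ActiveDirectory module.

```powershell
# Added example: find devices that remain in a KSC export after their AD object was deleted.
# Assumption: the KSC device list was exported to CSV with a "Name" column (hypothetical layout).

function Get-NormalizedHostName {
    param([string]$Name)
    # Compare on the short host name: trim whitespace, drop a trailing '$'
    # (sAMAccountName form), drop any DNS suffix, and upper-case the result.
    $n = $Name.Trim().TrimEnd('$')
    return ($n -split '\.')[0].ToUpperInvariant()
}

function Get-KscOrphan {
    param(
        [Parameter(Mandatory)] [object[]]$KscDevices,      # rows with a Name property
        [Parameter(Mandatory)] [string[]]$AdComputerNames  # names currently present in AD
    )
    $adSet = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($c in $AdComputerNames) {
        [void]$adSet.Add((Get-NormalizedHostName $c))
    }
    # Keep only KSC rows whose normalized name is absent from AD.
    $KscDevices | Where-Object { -not $adSet.Contains((Get-NormalizedHostName $_.Name)) }
}

# Constructed sample data so the script runs without a domain or a KSC server.
$kscCsv = @'
Name,Group
WS-001.corp.example,Managed devices
ws-002,Managed devices
WS-003.corp.example,Managed devices
'@
$kscDevices = $kscCsv | ConvertFrom-Csv

$adNames = @('WS-001$', 'WS-003')
# On a domain-joined host with the ActiveDirectory module, use live data instead:
# $adNames = (Get-ADComputer -Filter *).Name

Get-KscOrphan -KscDevices $kscDevices -AdComputerNames $adNames |
    Select-Object Name, Group
```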
