IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Kaspersky Active Directory polling [INC000007803856] [Solved]
WonTonDon
post 3.06.2016 17:39
Post #1


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




Running: KSC 10.2.434
KES 10.2.4.674 & 10.2.535 MR1

Hi

If an object is deleted from Active Directory the object remains in Kaspersky until we manually delete it.

I understand the object can be removed from a group after X amount of days inactive but cannot find an option to remove it from the console completely through some sort of AD sync.

In the properties of Active Directory container, I have

-Poll current Active Directory domain' enabled

Please advise

Thanks!
Go to the top of the page
 
+Quote Post
Nikolay Arinchev
post 3.06.2016 20:52
Post #2


Technical Support Specialist
**************

Group: KL Russia
Posts: 11682
Joined: 5.10.2009




Hi,

I`m sorry I`m not sure I understood you correctly.
Are you trying to figure out is an object shold be remmoved from KSC after is was deleted from AD?

Thank yoU!


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Please evaluate support help by using "Rating" option!
Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!
Go to the top of the page
 
+Quote Post
WonTonDon
post 4.06.2016 21:44
Post #3


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




QUOTE(Nikolay Arinchev @ 3.06.2016 17:52) *
Hi,

I`m sorry I`m not sure I understood you correctly.
Are you trying to figure out is an object shold be remmoved from KSC after is was deleted from AD?

Thank yoU!


Yes. If I delete should object from AD, will it automatically remove from KSC?

Thanks!
Go to the top of the page
 
+Quote Post
Nikolay Arinchev
post 5.06.2016 07:57
Post #4


Technical Support Specialist
**************

Group: KL Russia
Posts: 11682
Joined: 5.10.2009




Hi,

All changes form AD should be transferred to KSC at AD scanning.

Thank you!


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Please evaluate support help by using "Rating" option!
Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!
Go to the top of the page
 
+Quote Post
WonTonDon
post 6.06.2016 02:44
Post #5


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




QUOTE(Nikolay Arinchev @ 5.06.2016 04:57) *
Hi,

All changes form AD should be transferred to KSC at AD scanning.

Thank you!


Hi Nikolay,

Thanks for your reply.

Can you please confirm if this should happen immediately or after a delay?

Thanks!
Go to the top of the page
 
+Quote Post
Dmitry Eremeev
post 6.06.2016 08:35
Post #6


Technical Support Specialist
**************

Group: KL Russia
Posts: 11266
Joined: 30.07.2014
From: Moscow




QUOTE(WonTonDon @ 6.06.2016 01:44) *
Hi Nikolay,

Thanks for your reply.

Can you please confirm if this should happen immediately or after a delay?

Thanks!


There is no explicit lifetime parameter for the polling results.
The implicit lifetime is equal to the polling interval.
The data received at the next polling completely replaces the old data.
Thank you.


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!

Please evaluate support help by using "Rating" option!


Go to the top of the page
 
+Quote Post
WonTonDon
post 6.06.2016 14:35
Post #7


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




QUOTE(Dmitry Eremeev @ 6.06.2016 05:35) *
There is no explicit lifetime parameter for the polling results.
The implicit lifetime is equal to the polling interval.
The data received at the next polling completely replaces the old data.
Thank you.




Thank for this information, however it does not seem to delete objects that have been removed since the last poll.



The poll is set to run every 60 minutes and succeeds.


So for example I have these objects in a managed group.

However those objects no longer exist in AD because they have been deleted.



I have to then delete this objects from KSC.



What I want to happen is an AD poll sees that the object it relates to in AD no longer exists and removes it from the console.



I wanted to confirm if there was anything that can be setup to achieve this or I need to continue doing it manually.

Attached File(s)
Attached File  objects.png ( 4,71K ) Number of downloads: 10
 
Go to the top of the page
 
+Quote Post
Kirill Tsapovsky
post 6.06.2016 15:39
Post #8


Technical Support Specialist
**************

Group: KL Russia
Posts: 11833
Joined: 3.12.2013
From: Moscow




QUOTE(WonTonDon @ 6.06.2016 13:35) *
Thank for this information, however it does not seem to delete objects that have been removed since the last poll.



The poll is set to run every 60 minutes and succeeds.
So for example I have these objects in a managed group.

However those objects no longer exist in AD because they have been deleted.



I have to then delete this objects from KSC.



What I want to happen is an AD poll sees that the object it relates to in AD no longer exists and removes it from the console.



I wanted to confirm if there was anything that can be setup to achieve this or I need to continue doing it manually.


Hello.

Please clarify whether the polling currently discovers new objects as they appear but fails to remove the deleted ones, or it simply fails to update altogether?

Thank you!


--------------------
In English: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces | klnagchk log
На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!
Please evaluate support help by using "Rating" option!
Go to the top of the page
 
+Quote Post
WonTonDon
post 6.06.2016 19:45
Post #9


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




QUOTE(Kirill Tsapovsky @ 6.06.2016 12:39) *
Hello.

Please clarify whether the polling currently discovers new objects as they appear but fails to remove the deleted ones, or it simply fails to update altogether?

Thank you!



Hi Kirill,

Thank you for your reply.New objects are discovered successfully, but fails to remove deleted ones.

Thank You!
Go to the top of the page
 
+Quote Post
Artem Ershov
post 6.06.2016 20:59
Post #10


Technical Support Engineer
**************

Group: KL Russia
Posts: 6599
Joined: 15.06.2015




Hi,

Are you telling that they are not removed automatically?
Can you delete them manually?

BR


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)
На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Please evaluate support help by using "Rating" option!
Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!


Подписаться на новости о корпоративных продуктах
Go to the top of the page
 
+Quote Post
WonTonDon
post 8.06.2016 12:20
Post #11


Advanced Member I
***

Group: Members
Posts: 154
Joined: 15.07.2015




QUOTE(Artem Ershov @ 6.06.2016 17:59) *
Hi,

Are you telling that they are not removed automatically?
Can you delete them manually?

BR



Thank you for your help on this. No further help required smile.gif
Go to the top of the page
 
+Quote Post
Dmitry Eremeev
post 8.06.2016 14:06
Post #12


Technical Support Specialist
**************

Group: KL Russia
Posts: 11266
Joined: 30.07.2014
From: Moscow




QUOTE(WonTonDon @ 8.06.2016 11:20) *
Thank you for your help on this. No further help required smile.gif


Please share your solution.
Thank you.


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!

Please evaluate support help by using "Rating" option!


Go to the top of the page
 
+Quote Post
MR_AndrewZ
post 20.04.2017 09:33
Post #13


Advanced Member I
***

Group: Members
Posts: 144
Joined: 4.05.2010




QUOTE(Dmitry Eremeev @ 8.06.2016 14:06) *
Please share your solution.
Thank you.


Hello! I'm too is interesting in solution, because I tested integration KSC with AD and have same problem. When I move PC in AD - it moves in KSC the same. But when I delete PC in AD - it leaves still exist in KSC and I must delete PC manually in KSC.


And one more question, please.



From documentation:
QUOTE
By clicking Advanced, you get access to domain scan settings:

Scan current Active Directory domain – the domain within which the Administration server is installed.
Scan current Active Directory domain forest – scan full corporate domain structure.
Scan specified Active Directory domains – lets you make a selection of domains to scan.


I can't understand what account KSC use for sync with AD in 1 and 2 items. In third item you specify address of AD and system account to use. In first and second - no account can be specified, but it works. How? With what credentials KSC polls AD?


Thanks!
Go to the top of the page
 
+Quote Post
Dmitry Eremeev
post 20.04.2017 11:06
Post #14


Technical Support Specialist
**************

Group: KL Russia
Posts: 11266
Joined: 30.07.2014
From: Moscow




QUOTE(MR_AndrewZ @ 20.04.2017 08:33) *
Hello! I'm too is interesting in solution, because I tested integration KSC with AD and have same problem. When I move PC in AD - it moves in KSC the same. But when I delete PC in AD - it leaves still exist in KSC and I must delete PC manually in KSC.
And one more question, please.



From documentation:
I can't understand what account KSC use for sync with AD in 1 and 2 items. In third item you specify address of AD and system account to use. In first and second - no account can be specified, but it works. How? With what credentials KSC polls AD?
Thanks!


Hello,

please state the exact build of KSC server.
Thank you.


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!

Please evaluate support help by using "Rating" option!


Go to the top of the page
 
+Quote Post
MR_AndrewZ
post 20.04.2017 23:38
Post #15


Advanced Member I
***

Group: Members
Posts: 144
Joined: 4.05.2010




QUOTE(Dmitry Eremeev @ 20.04.2017 11:06) *
Hello,

please state the exact build of KSC server.
Thank you.


KSC version 10.3.407

As i understand, AD polling/integration function wasn't changed since version 8.0, because documentation for 8, 9 and 10 version of KSC is the same. I did not find any global differences...

Thanks!
Go to the top of the page
 
+Quote Post
FMcGovern
post 16.05.2017 17:42
Post #16


Advanced Member II
****

Group: Members
Posts: 242
Joined: 6.06.2013




Bumping this thread. Would like to know solution as well and the answer to the following: "I can't understand what account KSC use for sync with AD in 1 and 2 items. In third item you specify address of AD and system account to use. In first and second - no account can be specified, but it works. How? With what credentials KSC polls AD?"
Go to the top of the page
 
+Quote Post
Kirill Tsapovsky
post 17.05.2017 15:58
Post #17


Technical Support Specialist
**************

Group: KL Russia
Posts: 11833
Joined: 3.12.2013
From: Moscow




QUOTE(FMcGovern @ 16.05.2017 16:42) *
Bumping this thread. Would like to know solution as well and the answer to the following: "I can't understand what account KSC use for sync with AD in 1 and 2 items. In third item you specify address of AD and system account to use. In first and second - no account can be specified, but it works. How? With what credentials KSC polls AD?"


Hello.

For Active Directory polling to work properly, it is mentioned, the Administration Server must either have domain administrator permissions, or be running under a domain administrator account: AD polling is performed using the Administration Server service account.

Thank you.


--------------------
In English: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces | klnagchk log
На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!
Please evaluate support help by using "Rating" option!
Go to the top of the page
 
+Quote Post
FMcGovern
post 18.05.2017 18:14
Post #18


Advanced Member II
****

Group: Members
Posts: 242
Joined: 6.06.2013




Please see INC000007803856.
Go to the top of the page
 
+Quote Post
Dmitry Eremeev
post 18.05.2017 20:57
Post #19


Technical Support Specialist
**************

Group: KL Russia
Posts: 11266
Joined: 30.07.2014
From: Moscow




QUOTE(FMcGovern @ 18.05.2017 17:14) *
Please see INC000007803856.


Hello,

please wait reply in the incident.
Thank you.


--------------------
In english: GSI report | AVZ report | KSC10 Traces | KES10 Traces | KSC9 Traces | KES8 Traces(RUS) | klnagchk log(RUS)

На русском: Отчет GSI | Лог AVZ | Трассировки KSC10 | Трассировки KES10 | Трассировки KSC9 |Трассировки KES8 | Отчет утилиты klnagchk

Подписаться на новости о корпоративных продуктах

Пожалуйста, оцените оказанную помощь, используя опцию "Rating" в названии топика!

Please evaluate support help by using "Rating" option!


Go to the top of the page
 
+Quote Post
FMcGovern
post 22.05.2017 18:42
Post #20


Advanced Member II
****

Group: Members
Posts: 242
Joined: 6.06.2013




This can be resolved. For those wondering the answer:

QUOTE
AD scanning is made by Network Agent and not Administration Server service and if machine is joined into AD, it will have read privileges.

As you can see the local user that runs the Security Center has nothing to do with querying Active Directory but the Domain membership of the server.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 24.05.2017 04:24