User ID agent issues, one user logs off, another user "logs in" a gets the previous users ip address", times out eventually

Reply
Highlighted
Not applicable

User ID agent issues, one user logs off, another user "logs in" a gets the previous users ip address", times out eventually

3 questions:

Why does the Agent (and PAN) not get updated when a new user logs in?

What is the purpose of the “Enable user Identification Timeout” and the corresponding “User Identification Timeout (min.)” in the Agent? What will be the result if we disable this setting altogether? We do not use NetBIOS or WMI probing at this time.

User Identification Timeout is enabled and set to 180 min our agent. We believe this is why there was a 3 hour delay, but since the agent is updated from the AD logs every 5 seconds, I do not see the point in this setting. What is its intent? We plan to change it to 5 min. What will be the effect if we just disable it? "User Identification Timeout" provided no results in the support portal.


Accepted Solutions
Highlighted
L4 Transporter

Re: User ID agent issues, one user logs off, another user "logs in" a gets the previous users ip address", times out eventually

User Identification Timeout is set so that you may flush out older entries.

Typically you do want to set a Timeout value, even though when a new user logs into a particular IP address, the user to ip mapping will be created for that user (and the older user at that IP address may have logged out already)

The UserID agent does not track log out events so unless there is a timeout value set, you could potentially have an indefinite entry for a user / ip mapping and use up all the memory resources over time.

Hope this helps.

The following Tech Note has helpful info.

View solution in original post


All Replies
Highlighted
L4 Transporter

Re: User ID agent issues, one user logs off, another user "logs in" a gets the previous users ip address", times out eventually

I believe that the User Timeout settings determines how long the Agent will retain the User to IP mapping.

Typically it is recommended to keep this number at 1/2 of your DHCP lease time.

The reason is that the DHCP standard has users asking for their DHCP address ever 1/2 of their lease time.

So a user with a lease time of  16 hours, would have its DHCP address renewed at the 8 hour mark.

So if you configure your Timeout value to match 8 hours, when the user retains (or obtains a new IP address), the UserID mapping is now also updated.

There are many docs written that describe the UserID functionality, but do not specifically call out the User Identification Timeout value.

I had a to read a few of the docs to put it all together.

Hope this helps.

Highlighted
L4 Transporter

Re: User ID agent issues, one user logs off, another user "logs in" a gets the previous users ip address", times out eventually

User Identification Timeout is set so that you may flush out older entries.

Typically you do want to set a Timeout value, even though when a new user logs into a particular IP address, the user to ip mapping will be created for that user (and the older user at that IP address may have logged out already)

The UserID agent does not track log out events so unless there is a timeout value set, you could potentially have an indefinite entry for a user / ip mapping and use up all the memory resources over time.

Hope this helps.

The following Tech Note has helpful info.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!