Navigation Permits Expire - AD Groups

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Navigation Permits Expire - AD Groups

L1 Bithead

I recently implemented a policy that allows certain users who belong to a group in my Active Directory to go online. It seems to work well but after a while users report not being able to browse even if the LAN connection is maintained. The funny thing is that if you reboot the PC or simply block and unblock using the AD account the permissions are restored.

 

I would be grateful if I could get your help.

2 accepted solutions

Accepted Solutions

L3 Networker

I believe what you are looking for is this: Configure Cache Timeouts for User Mapping Entries 

 

It sounds like your users are timing out,and without them logging in again in one form or another, the User-ID mapping is not restored. Double check the "User Identification Timeout (min)" value.

View solution in original post

Increase the timeout a bit, see how it behaves and play around with the AD policy to block the PC before the cache time runs out.

Thank you

View solution in original post

4 REPLIES 4

L3 Networker

I believe what you are looking for is this: Configure Cache Timeouts for User Mapping Entries 

 

It sounds like your users are timing out,and without them logging in again in one form or another, the User-ID mapping is not restored. Double check the "User Identification Timeout (min)" value.

Increase the timeout a bit, see how it behaves and play around with the AD policy to block the PC before the cache time runs out.

Thank you

L3 Networker

@Alcs_altamirano 

 

I would recommend to start troubleshooting by capturing packets on the firewall and based on what you find in the packet capture , the troubleshooting would have to evolve from there.

 

If you still need help , I would recommend to open a support ticket.

 

Kavi

 

Ok gracias por el consejo.

  • 2 accepted solutions
  • 4095 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!