I have everything configured following the documents I found online. I see from the user-id logs the BF is being exchanged with the FW. My users login using pre-win2000 id's. (LNameFI) Verified by monitoring the id's and IP's in User-id app. So now to try testing. Most sites today require a long ID. Usually your email address. I went to a site that would match my category setup in the firewall and created a new account. I then logged into the site using my creds. No alerts or warning messages. I actually have the category set to 'Continue'. My thought is the pre-2000 login and my email address are not the same thing so no match. Can you direct User-ID Cred. to use an AD attribute? After all this setup I doubt I will catch many people using LNameFi as a login on the web. Or do I have a configuration issue and that's why it's not triggering. Please let me know what I should look at. Is it my config or just because the way we log into machines?
... View more