The DC that works is a GC--but so are all the rest. This one's a head-scratcher.
-----Original Message----- From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, July 16, 2009 12:02 PM To: NT System Admin Issues Subject: RE: Any WebSense Gurus? Agreed with the others. You should not have to specify a DC in the config. Specifying the domain, it should be able to find a DC. Just a thought is the DC that is working a GC? Are the other ones on the list not GCs? Chris Bodnar, MCSE Sr. Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 -----Original Message----- From: tvanderk...@expl.com [mailto:tvanderk...@expl.com] Sent: Thursday, July 16, 2009 11:40 AM To: NT System Admin Issues Subject: RE: Any WebSense Gurus? I was going to say that we use WebSense here and I have never had to do anything other than give it the name of our domain. I have never given it a name or IP address of any DC. I did have to go in with one of their support person's help and add a number of service accounts to a list of names to not record. Other than that it just works. TVK -----Original Message----- From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Thursday, July 16, 2009 6:59 AM To: NT System Admin Issues Subject: RE: Any WebSense Gurus? The funny thing is, according to the WebSense docs you shouldn't have to point the agent to your DCs; it's supposed to automatically find them all. And I'm not sure exactly how DC Agent contacts the DCs. I read something in the documentation about TCP port 139. Would you be willing to put me in touch with your WebSense guy so I could pick his brain? -----Original Message----- From: Free, Bob [mailto:r...@pge.com] Sent: Wednesday, July 15, 2009 8:27 PM To: NT System Admin Issues Subject: RE: Any WebSense Gurus? We have the DC Agent setup and it needs to be able to contact each DC to determine logon status of the users. I believe it's in how you configure the agent, our setup requires that a user be authenticated within x period of time to be authorized to get through. Don't know what x is as I'm the AD guy not the websense guy...I do know he wasn't too happy when I added a new DC and neglected (well, actually, forgot) to tell him so he could update his websense config. -----Original Message----- From: Klint Price [mailto:kpr...@arizonaitpro.com] Sent: Wednesday, July 15, 2009 2:05 PM To: NT System Admin Issues Subject: RE: Any WebSense Gurus? Do you have users on multiple domains? In my websense, for 500 users, I have them going through a single DC. Klint -----Original Message----- From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, July 15, 2009 12:49 PM To: NT System Admin Issues Subject: OT: Any WebSense Gurus? We had a vendor come in and install WebSense on a server for us. However, the vendor is stumped by a problem and I figured I'd see if any of the pros here had a solution. I'm brand new to WebSense myself, so I can't help much. The vendor has been working with WebSense tech support, but apparently they're stumped, too. The issue seems to be that the DC Agent utility isn't correctly getting users' usernames. Not 100% of the time, though--just most of the time. As best I can tell, the utility isn't correctly polling all of the DCs in the network. Here's some sample output from the TestLogServer utility: ===== time=Wed Jul 15 15:43:53 2009 version=3 server=10.0.0.1 source=150.176.37.70 dest=66.165.70.6 protocol= "http" url= "http://www.woot.com/salerss.aspx"; port= "80" category= 17 (SHOPPING) disposition= 1026 (Category Not Blocked) app type= "" keyword= "" user= "" bytes sent=0 bytes received=0 duration=0 time=Wed Jul 15 15:43:53 2009 version=3 server=10.0.0.1 source=10.11.7.106 dest=150.176.95.205 protocol= "https" url= "https://150.176.95.205/"; port= "443" category= 97 (EDUCATIONAL INSTITUTIONS) disposition= 1026 (Category Not Blocked) app type= "" keyword= "" user= "LDAP://10.11.1.2 OU=Users,OU=PPS,DC=taylor,DC=k12,DC=fl,DC=us/George Clayton" bytes sent=0 bytes received=0 duration=0 ===== Notice that in the first entry, there's no username. There is in the second entry, though. The common thread is that every time a user is correctly identified, it's from the same DC: 10.11.1.2. So it appears that DC Agent is correctly polling that DC, but none of my others. All of them are listed in the dc_config.txt file, though. Any ideas what might be keeping it from talking to the other DCs? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 www.taylor.k12.fl.us NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
