Sourcefire 6.0 / FireSIGHT MC 6.0 - users do not fill
Edit: moved to Sourcefire category.
---
Hi all
I was wondering if someone can lead me in the right direction here, I have a customer running Sourcefire 6.0 with the MC FireSIGHT and am having a problem with the IP address for the mapping of the users. According to the analysis > users > users I have not all records. I went to the 'Kingdom' of configuration under itnegration that tests OK and configure the download of the user who pulls down groups so I know that the link to "The Kingdom" is there. The tasks show the successful with 2 groups and 293 users LDAP synchronization. Political identity has been installed with passive authentication and active directory user on the System Agent is installed and successfully tested. I noticed the following in the syslogs stored locally (change of name of host and user) and I wonder if it has something to do with it?
| 2 February 2016 12:31:36 SF - IMS HOSTNAME [30127]: [30170] SFDataCorrelator:UserIdentity [WARN] could not find the Kingdom for the user user1, area XX |
| 2 February 2016 12:31:35 SF - IMS HOSTNAME [30127]: [30172] SFDataCorrelator:UserIdentity [WARN] could not find the realm for user user2, area XX |
Any other information needed let me know.
Thank you
Keith
// // //
Hello
Check this: https://tools.cisco.com/bugsearch/bug/CSCux39125/?reffering_site=dumpcr
To get the users properly how associate their IP addresses, the solution is to change the 'Main area of AD' field in the configuration area for the short name of the domain. This name is visible in the message in the logs.
After you change this field, save the configuration of the Kingdom and to ensure that the user download continues to work as expected.
Kind regards
Aastha Bhardwaj
Rate if this is useful!
Tags: Cisco Security
Similar Questions
-
Firefox crashes at startup for a single user, but not another
Crash ID: bp-df3a48d7-363c-4d2f-87d3-f73902140723
Version: 31
Crashes at startup for a single user, but not another. Both are directors.
I uninstalled and reinstalled. No change to each user.
Crashes in safe mode as well (hold down the SHIFT key)
No present addons in the other user.
Ran Malwarebytes and cleaned
Ran CCCleaner and clean up all registry including uninstalled Firefox entries.This is not useful if firefox crashes at startup. because you cannot start to create the new profile.
-
Satellite Pro M30 - error message: the user is not authorized to update BIOS
Hello
I bought a Satellite Pro M30 of second hand. This one has the Bios 1.30... I would like to install the bios v1.70.
I am running Windows XP Pro SP3 and tried first update in Windows.
I however got the message "the user is not allowed to update BIOS.This message is quite surprising given that I have administrator privileges.
I read that you can use a floppy disk to update, but I did not...
So, is it possible to update the Bios with the CD?
See you soon,.
R.S.Hello
I checked the page European driver of Toshiba and found the version of BIOS 1.7 WIN in the field of ARCHIVES.
As you can see, it's a version of BIOS Windows and not a traditional version of the BIOS (trad BIOS can be updated using the diskette).
This BIOS win can be improved only from a running OS Win.In any case, I see that you have installed SP3. It could have a bad influence on the update of the BIOS.
Then maybe you should try to update the BIOS without SP3 installed?Remove SP3, download the good BIOS, unzip correctly and then try to run the BIOS update file.
_Ps: If you laptop then runs without problem a BIOS update is not necessary! _
Concerning
-
Users are not able to open jpg or pdf files in their RDP Session to a server terminal server
Nice day
We have 3 terminal servers, but users are not able to open files jpg or pdf on the 3rd Server terminal server. It is said that they need admin rights to do.Much needed suggestions there?:)Sincerely,RobertHi Rob,
Your question of Windows 7 is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the IT Pro TechNet public. Please post your question in the TechNet Forum. You can follow the link to your question:
http://social.technet.Microsoft.com/forums/en/category/WindowsServer/
Hope link above is useful.
-
The user may not delete the file from the folder on the server but can rename file
Hi all
Please suggest how to give permission to some folder so that the user may not delete all the files in the folder but can create, update, or RENAME the folder.
I gave permission where user is not able to delete the file, but the user is also able to rename the file or folder in this specific folder.Thanks in advance.
Hello
The question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.
http://social.technet.Microsoft.com/forums/en-us/winserverfiles/threads
-
I connect to my profile and I am not able to log in. The display shows "at the service of the user could not connect. User profile cannot be loaded... » » ?
Hello
These methods should help for Windows 7 or Vista.
References to Vista also apply to Windows 7.
You can try to fix it with Safe Mode - repeatedly press F8 as you bootup. The ADMIN account in trunk
Mode has no default password (unless someone has changed the password so it should be available).Some programs such as the updated Google (if you added the toolbar Google, Chrome or Google Earth)
has been known to cause this problem.Error message when you log on a Windows Vista-based or Windows 7 using computer a
Temporary profile: "the user profile Service has no logon. Unable to load the user profile.
http://support.Microsoft.com/kb/947215How to fix error "the user profile Service has no logon. User profile cannot be loaded. »
http://www.Vistax64.com/tutorials/130095-user-profile-service-failed-logon-user-profile-cannot-loaded.htmlHow to fix error "your user profile was not loaded correctly! You have been connected with a
temporary profile. "in Vista
http://www.Vistax64.com/tutorials/135858-user-profile-error-logged-temporary-profile.htmlBE VERY CAREFUL IF YOU USE THIS ONE:
DO NOT USE THE ACCOUNT HIDDEN ON A DAILY BASIS! If it corrupts you are TOAST.
-------------------------------------------------------------------------------------------------------------------------------------
For Windows 7:
How to enable or disable the built-in Windows 7 Administrator account
http://www.SevenForums.com/tutorials/507-built-administrator-account-enable-disable.htmlUse the Admin account hidden to lower your user account APPLY / OK then wear again to
ADMIN. This allows clear of corruption. Do the same for other accounts if necessary after the
above message.You can use the hidden - administrator account to make another account as an ADMINISTRATOR with your same
password (or two with the same password) use a test or difficulty to another.You can run the command Admin account hidden from the prompt here if
necessary.How Boot for Windows 7 System Recovery Options or use a Windows 7 boot disk.
http://www.SevenForums.com/tutorials/668-system-recovery-options.htmlWhat are the system recovery options in Windows 7?
http://Windows.Microsoft.com/en-us/Windows7/what-are-the-system-recovery-options-in-Windows-7How to create a Windows 7 system repair disc
http://www.SevenForums.com/tutorials/2083-system-repair-disc-create.html-------------------------------------------------------------------------------------------------------------------------------------
For Vista:
How to enable or disable the real built-in Administrator account in Vista
http://www.Vistax64.com/tutorials/67567-administrator-account.htmlUse the Admin account hidden to lower your user account APPLY / OK then wear again to
ADMIN. This allows clear of corruption. Do the same for other accounts if necessary after the
above message.You can use the hidden - administrator account to make another account as an ADMINISTRATOR with your same
password (or two with the same password) use a test or difficulty to another.You can run the command Admin account hidden from the prompt here if
necessary.This tells you how to access the System Recovery Options and/or a Vista DVD
http://windowshelp.Microsoft.com/Windows/en-us/help/326b756b-1601-435e-99D0-1585439470351033.mspxWhat are the system recovery options in Windows Vista?
http://Windows.Microsoft.com/en-us/Windows-Vista/what-are-the-system-recovery-options-in-Windows-VistaHow to create a Vista - free methods recovery disk
http://www.Vistax64.com/tutorials/141820-create-recovery-disc.html-------------------------------------------------------------------------------------------------------------------------------------
If you cannot access your old account, you can still use an Admin to migrate to another (don't forget
always leave to an Admin who is not used except for testing and difficulty account).Difficulty of a corrupted user profile
http://windowshelp.Microsoft.com/Windows/en-AU/help/769495bf-035C-4764-A538-c9b05c22001e1033.mspxI hope this helps.
Rob Brown - Microsoft MVP<- profile="" -="" windows="" expert="" -="" consumer="" :="" bicycle="" -="" mark="" twain="" said="" it="">
-
I forgot the user name, not able to log in to windows?
Received a computer from dell desktop of my son with XP Professional on this topic, after trying to add my name as a user I am not able to open windows. Ask me password and username type. Son said he never put an in any password. I don't know password, user name not. Help
Sorry to be late to respond to the answer. Nothing seemed to help, so took computer geek store, he has received to date. Had a software problem that they can fix it for $39.00. Thanks for the help keep up the good work. Anita
-
WinXP
user belongs to a domain and user does not belong to the local administrator or power users groups, or any custom group and the user is not part of the domain administrators group, but user show that it is adminI did a gpupdate/force and restart twice PC
Yet, user indicate it is always admin when we right click on Start menu and see the possibility to open all usersHi elena_ad,
Your question of Windows is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the public on the TechNet site. Please post your question in the below link:
http://social.technet.Microsoft.com/forums/en/winserverManagement/threads
-
failed to connect the user had not granted the type of logon required on this computer
W2K, Win XP Home, Win XP Vista Pro and al
Some win appear XP OS like win 2 k professional versions, others as XP Home appear as WP Pro builds.
The integrated network has a combination of these BONES still bastard licensed and the subject of errors occur"failed to connect the user didn't would have been granted the type of logon required on this computer.
What sets with that?
Never had this problem until that Microslop mixing and matching the OS with no sense of compatibility problems started
IS THERE ANOTHER OS THAT WORKS THERE... PLEASE EXPLAIN!
Frustrated and angry consumers of products Microslop
Dave R
check out this link and see how it works for you.
http://forums.techguy.org/networking/533210-solved-user-has-not-been.html
-
Error message: the user profile service has no logon. Profile of user was not found.
Just after that Microsoft updates yesterday we received the following message: the user profile service has no logon. Profile of user was not found.
The user is locked. I tried the system restore, but the computer does not. I don't have a disk of Vista to re - install. Peux-I re - install online? I have the product key.
Thank you
Joe R.
See if the information in the above tutorial will help you.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://windowshelp.Microsoft.com/Windows/en-AU/help/769495bf-035C-4764-A538-c9b05c22001e1033.mspx
Difficulty of a corrupted user profile
After creating the profile, you can copy the files from the existing profile. You must have at least three user accounts on the computer to perform these operations, including the new account that you created.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://support.Microsoft.com/kb/947242
A temporary profile is loaded after you connect to a Windows Vista-based system
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vista recovery media obtain and/or use the Partition Recovery Vista on your computer to the factory settings .
There is no Vista free download legal available.
Contact your computer manufacturer and ask them to send a recovery disk/s Vista set.
Normally, they do this for a cost of $ small.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In addition, ask them if you have a recovery Partition on your computer/laptop to restore it to factory settings.
See if a manual provided with the computer or go to the manufacturer's website, email or you can call for information on how to make a recovery.
Normally, you have to press F10 or F11 at startup to start the recovery process...
Another way I've seen on some models is press F8 and go to a list of startup options, and launch a recovery of standards of plant with it, by selecting the repair option.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Also ask them if it is possible to do the recovery disk/s since the Partition of recovery in case of hard drive failure or System Crash, when you are running correctly.
They will tell you how to do this.
Every computer manufacturer has their own way of making recovery disk/s.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Or borrow a good Microsoft Vista DVD (not Dell, HP, Acer, recovery disk/s etc).
A good Vista DVD contains all versions of Vista.
The product key determines which version of Vista is installed.There are 2 disks of Vista: one for 32-bit operating system, and one for 64-bit operating system.
If install a cleaning is required with a good DVD of Vista (not HP, Dell recovery disks):
At the startup/power on you should see at the bottom of the screen either F2 or DELETE, go to Setup/Bios or F12 for the Boot Menu
Go to your Bios/Setup, or the Boot Menu at startup and change the Boot order to make the DVD/CD drive 1st in the boot order, then reboot with the disk in the drive.
http://support.Microsoft.com/default.aspx/KB/918884
MS advice on the conduct of clean install.
http://www.theeldergeekvista.com/vista_clean_installation.htm
A tutorial on the use of a clean install
http://www.winsupersite.com/showcase/winvista_install_03.asp
Super Guide Windows Vista Installation
After installation > go to the website of the manufacturer of your computer/notebook > drivers and downloads Section > key in your model number > get latest Vista drivers for it > download/install them.
Save all data, because it will be lost during a clean installation.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://support.Microsoft.com/default.aspx/KB/326246
'How to replace Microsoft software or hardware, order service packs and upgrades, and replace product manuals'
See you soon.
Mick Murphy - Microsoft partner
-
Original title: Updatususer
I was checking the parental control to see what children are in and I found this new user in there. The user does not appear in the user accounts. Updatususer, is the name.
I tried to access any information in the file, but I see no file... even if it is said that the account was 9 hrs + connected. Is this a virus or some backdoor account made kids?
Thank you
It seems to be used by a program to update NVIDIA.
-
current user is not authorized to install or update applications
New installation of Vista, ran all THE updates.
Downloaded programs, install, but google picasa gives me the error message:
the current user is not allowed to install or update applications.
Research on the error message window gives me no solution to this problem.
Re-download/save to your desktop > right click on its Setup.exeo run as admin.
See you soon.
Mick Murphy - Microsoft partner
-
Microsoft office 2007 error 25004 by user install not supported on vista OS
SOMEONE HELP ME PLEASE ON THIS ERROR? I am trying to install microsoft office 2007 Ultimate SP1... but it kept showing this error in the middle of the installation.
ERROR 25004. -BY USER DOES NOT TAKE INSTALL.Thank you
Hi Pannakara,
Please use the forum for Support of Vista,
Please follow the instructions in this article and see if you can uninstall MS Office 2007. After completely uninstalled Office 2007, you can reinstall it if you wish.
http://support.Microsoft.com/kb/928218/en-us
Let us know if it works for you, Kevin
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think. -
User did not log on type on this computer. __
the problem:
Hello, trimmerda
Because you are unable to access an administrator account, unfortunately there more that we cannot do nothing because we cannot help to circumvent security.
You can back up your personal files and reinstalling Windows.
http://Windows.Microsoft.com/en-us/Windows/help/install-reinstall-uninstall
David
Microsoft Answers Support Engineer
Visit our Microsoft answers feedback Forum and let us know what you think. -
Renamed user AD not able to connect
Hi guys
I have a problem with a user with access to vFoglight through LDAP authentication. The user was renamed to AD. (name changed)
After the name change, the user is not able to connect.
In the audit trail, the user is first OK authenticated, and then in the same second there is a connection FAILURE.
I tried to remove the user from the vFoglight, wait for a while and then try to connect again.
I checked on the AD domain controller, and the user is authenticated OK
What is a SQL question?
Any ideas?
Hi, Lars
I hope you get a solution to your problem, but someone else might have the same problem,.
I will be the top my solution to the problem that just had.
We are in a process to rename all connections of users I have AD...
And once a connection of users has been renamed to AD, the user could not log on.
With no errors in the journal errror FMS or on our advertising servers.
New users was created in correct Foglight, but when the user tried to log on, but still had a connection error.
I found a solution that works for us.
I found that when I turned on debugging on FMS, I got this error message in the error log:
Cannot insert duplicate in the "dbo.sec_user_alias" object key The duplicate key value is (Michael dry).
We run the Foglight database on a Microsoft SQL Server, so I looked in the sec_user_alias of the table,
and even that I had deleted the former user in Foglight, the login name and the username was still in this table:
userAlias username isdeleted
str_xxx Michael dry F
So I just update the table of user with this name:
UPDATE sec_user_alias
SET username = 'Michael dry - old'
WHERE useralias = "str_xxx."
and then I could connect with the new login user name,
but all the settings for this user and config disappeared...
And as I have not talked with Quest/Dell about this, I don't know if this is allowed to do.
and I don't take any responsibility that it will work in your configuration.
Best regards.
Michael
Update: I found this: Knowledge Article 85132 - 'LDAP user cannot connect after LDAP name changed"- https://support.quest.com/SolutionDetail.aspx?id=SOL85132
Post edited by: Michael dry
Maybe you are looking for
-
Y410p Graphics Card upgrade Question
Last December, I bought a y410p and I am extremely satisfied with it, but I would like to ask in an another GT 755 m graphics card into the ultrabay slot, but I've been able to find a removable graphics for the y510p card. I was wondering if anyone k
-
How to know if someone copied a file on a USB?
If you have a person who you think access to your USB key, how do you know if they copied a file from your USB key on his computer?
-
mousepad started on start-up funds
I connect to a secondary user and soon as desk top boots upwards, the mouse pad is cut. pad LED goes red and I have no way to recover my files locked in the secondary user account. Admin account is ok, however, I need the files in this secondary acco
-
How to recover my password for windows live mail sign
I can't go back to Windows live mail using my original e-mail that I don't remember the password. Via a Hotmail account means that all my contacts are missing. How can I recover the password to the original address?
-
Why I can't open dtd CD 96 & 97 on my W7 laptop?
I have two important CD which was initially implemented for Windows 3.1 and Windows 95. They won't open on my Windows 7 Home Premium. I need research. Can someone help me please?