5 Replies Latest reply on Jul 21, 2009 10:17 AM by SafeBoot

    AD Connector - Do I need it? Online guides?

      I'm having a hard time figuring out just what AD Connector does or if I even need it. Right now I go into EE Manager, add PC names to a group, add users to the PC name, and set up drive encryption parameters and such. I have a handful of machines configured and when they boot up I'm presented with a McAfee login screen and if the name and pw match Windows logs in automatically. And is there an online PDF or something that details how to install and configure it? The admin guide I have now is very vague regarding this tool. Thanks for any nudges in the right direction!!
        • 1. RE: AD Connector - Do I need it? Online guides?
          the Endpoint Encryption Administrator guide goes into it in real depth.

          basically, it synchronizes users between AD and EEM so you don't have to manage them in two places.
          • 2. RE: AD Connector - Do I need it? Online guides?
            Thanks!

            So I get into the AD Connector utility and found at least some configurations have been done (by a former employee) so I decided to try and run a sync to see what happens. I have one user (d5h5) in a special test group (SafeBootTest). However, the log indicates the user it finds isn't really a user. Here's the log details. Any ideas?

            07/21/2009 08:19:48 AM Starting synchronization
            07/21/2009 08:19:49 AM LDAP connection initialized
            07/21/2009 08:19:49 AM Connecting to dc-hvb-01.mydomain.org ...
            07/21/2009 08:19:49 AM LDAP logon successful
            07/21/2009 08:19:49 AM Searching...
            07/21/2009 08:19:49 AM checking search groups list
            07/21/2009 08:19:49 AM Checking if dn 'cn=SafeBootTest,cn=Users,dc=mydomain,dc=org' is a group
            07/21/2009 08:19:49 AM ldap reports = 0 (Success)
            07/21/2009 08:19:49 AM ...getting member attributes. (Count = 1)
            07/21/2009 08:19:49 AM Checking if dn 'CN=d5h5,CN=Users,DC=mydomain,DC=org' is a group
            07/21/2009 08:19:49 AM ldap reports = 0 (Success)
            07/21/2009 08:19:49 AM Checking if dn 'CN=d5h5,CN=Users,DC=mydomain,DC=org' is a user
            07/21/2009 08:19:49 AM ldap reports = 0 (Success)
            07/21/2009 08:19:49 AM ...failed - not a user
            07/21/2009 08:19:49 AM Total 'member' count = 1
            07/21/2009 08:19:49 AM User objects count = 0
            07/21/2009 08:19:49 AM Directory search complete.
            07/21/2009 08:19:49 AM Cannot monitor changes - not supported with search groups.
            07/21/2009 08:19:49 AM Closing LDAP connection ...
            07/21/2009 08:19:49 AM checked 0 users (0 updated)
            07/21/2009 08:19:49 AM added 0 users
            07/21/2009 08:19:49 AM disabled 0 users
            07/21/2009 08:19:49 AM removed 0 users
            07/21/2009 08:19:49 AM Synchronization complete
            • 3. RE: AD Connector - Do I need it? Online guides?
              what's the objectclass of the "user" - you can check with the LDAP Browser, and what's the base filter you are using? (it should be (objectClass=organizationalPerson) )
              • 4. RE: AD Connector - Do I need it? Online guides?
                Ah ha!! I had "organizationPerson" instead of "organizationalPerson". I need new glasses. Thanks!
                • 5. RE: AD Connector - Do I need it? Online guides?
                  np. It always pays to check the obvious first. happy