Table of Contents
Advertisement
Non-responsive workstation handling
The handling of non-responsive workstations to queries from WMI and NETAPI is optimized in Dell SonicWALL
Directory Services Connector. The appliance repeatedly polls the SSO Agent with multi-user requests, and often
sends more than one such request at a time. The number of concurrent requests increases when workstations do
not respond to the requests, potentially overloading the agent. To avoid this, a time-out mechanism is included
in multi-user requests from the appliance. If the request does not complete within this time, the agent silently
aborts it.
Configuring the DC security log method
See the following sections:
•
Using DC Security Log
•
Installing and configuring LogWatcher
•
Setting a group policy to enable audit logon on Windows Server 2003
•
Setting a group policy to enable audit logon on Windows Server 2008
Using DC Security Log
Dell SonicWALL Directory Services Connector provides an option for the SSO Agent to identify logged in user
information from the domain controller's Windows security log (DC security log or WSL). When using DC security
log method as the query source, Directory Services Connector fetches security logs from the configured domain
controller. The SSO Agent sends a login notification to the appliance as soon as it detects a user login.
The DC Security Log method works in a fully trusted domain environment where all users are domain users using
domain accounts to access Windows or Linux workstations.
The DC Security Log method can optionally be used with either NETAPI or WMI as a fall back to support user
identification from non-domain Windows PCs or domain PCs using local accounts. Altogether, there are four
query source options involving the DC security log:
•
DC Security Log — Users are identified from the domain controller's Windows security log; use this
option if all users log in to the domain.
•
DC Security Log + NETAPI — In addition to using the DC security log, this option provides a fall back to
using NETAPI to identify users. In case the SSO Agent fails to identify users from the domain controller, it
uses traditional NETAPI queries to the user's workstation to fetch user information.
•
DC Security Log + WMI — In addition to using the DC security log, this option provides a fall back to using
WMI to identify users. In case the SSO Agent fails to identify users from the domain controller, it uses
traditional WMI queries to the user's workstation to fetch user information.
•
DC Security Log + NETAPI + WMI— In addition to using the DC security log, this option provides a fall
back to using NETAPI or WMI to identify users.
To use DC security log method in Dell SonicWALL Directory Services Connector, ensure that the agent machine
has the following minimum requirements:
•
Multi-Core processors: two or more, or a dual CPU
•
Speed: 2GHz+
•
RAM: 2GB, minimum
NOTE:
For single core processors, CPU spikes might reach up to 100 percent periodically while using the
DC Security Log method in Dell SonicWALL Directory Services Connector. To avoid this, optimization is
provided for reading security logs. Also an option is available to read the security logs in current time,
minimizing the initial log processing time.
on page
40
on page
42
on page
on page
Dell SonicWALL Directory Services Connector 3.7
44
46
40
Administration Guide
Advertisement
Table of Contents
