The IP addresses are not being mapped to the AD users and groups

Problem

When integrating the AD client with the Exinda appliance, the IPInternet protocol addresses are not being mapped to the users and groups on the Exinda appliance.

Solution

Logon auditing must be enabled for IP address to be mapped to the users.

You can investigate by verifying whether the domain controller is logging particular event IDs. If these events are absent then you will need to enable logon auditing.

In the Domain Controller, go to Event Viewer > Windows Logs > Security Logs.

  • For Windows Server 2008, 2008 R2, 2012, and 2012 R2, you should see Event ID #4624
  • For Windows Server 2003, 2003 R2, you should see Event ID #528 and 540.

If the Domain Controller is not logging these events, then you need to enable logon auditing on the domain controller and renumerate the AD client on the Exinda appliance.

  1. In the Domain Controller, go to Start menu > Administrative Tools > Group Policy Management Snap-in.
  2. In the Group Policy Management tree, go to your domain, expand the Group Policy Objects node, and select Default Domain Controllers Policy.

  1. Right click on Default Domain Controllers Policy and select Edit from the context menu.
  2. In the Group Policy Management Editor dialog box, expand the tree and select Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Audit Policy.
  3. In the policy list on the right, click on Audit logon events and ensure that Success is checked.
  4. On the Exinda appliance, go to Configuration > System > Network > Active Directory.
  5. Click the Renumerate button.
  6. Apply the changes by executing the following command using a CMD console in the Domain Controller: gpupdate /force