Cisco Firepower Management Center 2000

FireSIGHT User Agent Configuration Guide
 
Chapter 2      Setting up a User Agent 
authentication object, contains connection settings and authentication filter settings for the server. The 
connection’s user and group access control parameters specify the users and groups you can use in access 
control rules.
Note
If you want to perform user control, you must use Microsoft Active Directory. The system uses User 
Agents running on Active Directory servers to associate users with IP addresses, which is what allows 
access control rules to trigger.
For more information on setting up an LDAP connection with user awareness configuration, see the 
FireSIGHT System User Guide.
Configuring Permissions to Connect to an Active Directory Server
After you prepare the computer with all agent prerequisites, verify that the Active Directory security logs 
are enabled so the Active Directory server can record login data to these logs. Then, configure user 
permissions and Windows security permissions to allow the agent to communicate with the Active 
Directory server, access the security logs to retrieve login data, and optionally, retrieve logoff data. 
To verify the Active Directory server is logging login data:
Step 1
On the Active Directory server, select Start > All Programs > Administrative Tools > Event Viewer.
Step 2
Select Windows Logs > Security.
If logging is enabled, the Security log displays. If logging is disabled, see  for information on enabling security logging.
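The same check can be scripted in PowerShell instead of using Event Viewer. The script below is an added example, not part of the Cisco guide. It assumes Windows Server 2008 or later, an elevated session on the Active Directory server, and event ID 4624 (the Windows successful-logon event, which this page does not name); the function name and the 24-hour window are hypothetical.

```powershell
# Added example: command-line equivalent of the Event Viewer check above.
# Run in an elevated PowerShell session on the Active Directory server.
# Assumption: 4624 is the successful-logon event ID (Server 2008 and later).

function Test-SecurityLogonLogging {
    param(
        [int]$LookbackHours = 24,    # hypothetical window; adjust to your site
        [int]$LogonEventId  = 4624   # assumption, not taken from the guide
    )

    # 1. Is the Security channel enabled, and how is it sized and retained?
    $log = Get-WinEvent -ListLog 'Security' -ErrorAction Stop

    # 2. Has the server actually recorded logon events recently?
    #    An enabled log with no logon events usually means the audit
    #    policy is not generating them.
    $filter = @{
        LogName   = 'Security'
        Id        = $LogonEventId
        StartTime = (Get-Date).AddHours(-$LookbackHours)
    }
    # Get-WinEvent raises a non-terminating error when nothing matches,
    # so suppress it and force the result into an array.
    $events = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 50 `
                    -ErrorAction SilentlyContinue)

    [pscustomobject]@{
        LogEnabled    = $log.IsEnabled
        LogMode       = $log.LogMode
        MaxSizeMB     = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
        RecordCount   = $log.RecordCount
        RecentLogons  = $events.Count
        # Get-WinEvent returns newest events first.
        NewestLogon   = if ($events.Count) { $events[0].TimeCreated } else { $null }
        LoggingLogins = $log.IsEnabled -and ($events.Count -gt 0)
    }
}

$result = Test-SecurityLogonLogging
$result | Format-List

if (-not $result.LoggingLogins) {
    Write-Warning 'No recent logon events found; review the audit policy:'
    # Category name is locale-dependent; this is the English name.
    auditpol /get /category:"Logon/Logoff"
}
```

A small MaxSizeMB with a Circular LogMode on a busy domain controller means logon events can be overwritten quickly, so check those two fields as well as LoggingLogins.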
To allow the agent to communicate with the Active Directory server: 
Step 1
Enable the Remote Administration firewall rule on the Active Directory server. You have the following options:
  • If the Active Directory server is running Windows Server 2003, see  for more information.
  • If the Active Directory server is running Windows Server 2008 or Windows Server 2012, see  for more information.
To grant the agent permission to retrieve login data:
Step 1
Create a user on the computer where you installed the agent.