Cisco Cisco Web Security Appliance S170 ユーザーガイド
400
I R O N P O R T A S Y N C O S 6 . 5 F O R W E B U S E R G U I D E
AsyncOS only creates an Active Directory computer account when you edit the
authentication realm Active Directory information or when the appliance reboots.
authentication realm Active Directory information or when the appliance reboots.
Note — To successfully join the Active Directory domain, the time difference between the
Web Security appliance and the Active Directory server should be less than the time specified
in the “Maximum tolerance for computer clock synchronization” option on the Active
Directory server. When you use Network Time Protocol (NTP) to specify the current time on
the Web Security appliance, remember that the default time server is time.ironport.com. This
may affect the time difference between the appliance and the Active Directory server.
Web Security appliance and the Active Directory server should be less than the time specified
in the “Maximum tolerance for computer clock synchronization” option on the Active
Directory server. When you use Network Time Protocol (NTP) to specify the current time on
the Web Security appliance, remember that the default time server is time.ironport.com. This
may affect the time difference between the appliance and the Active Directory server.
Some Active Directory environments automatically delete computer objects at particular
intervals for accounts that appear in active in order to clean up old computer objects.
However, AsyncOS does not automatically change the password for the computer account it
creates in an Active Directory server, so the computer account may appear inactive over time.
Therefore, if the Active Directory environment automatically deletes computer objects at
particular intervals, make sure the Web Security appliance computer account is created in a
container that is exempt from this cleanup process.
intervals for accounts that appear in active in order to clean up old computer objects.
However, AsyncOS does not automatically change the password for the computer account it
creates in an Active Directory server, so the computer account may appear inactive over time.
Therefore, if the Active Directory environment automatically deletes computer objects at
particular intervals, make sure the Web Security appliance computer account is created in a
container that is exempt from this cleanup process.
Red text indicates that the domain was not joined and no computer account was created.