Cisco Cisco Firepower Management Center 2000

multiple logins to the 
same host by 
different users

The system assumes that only one user is logged into any given host at a time, 
and that the current user of a host is the last authoritative user login. If only 
non-authoritative logins have been logged into the host, the last 
non-authoritative login is considered the current user. If multiple users are 
logged in through remote sessions, the last user reported by the Active 
Directory server is the user reported to the Defense Center.

multiple logins to the 
same host by the 
same user

The system records the first time that a user logs into a specific host and 
disregards subsequent logins. If an individual user is the only person who logs 
into a specific host, the only login that the system records is the original login.

If another user logs into that host, however, the system records the new login. 
Then, if the original user logs in again, his or her new login is recorded.

Unicode characters

The user interface may not correctly display user names with Unicode 
characters.

The agent does not report user names with Unicode characters to Version 4.10.x 
Defense Centers.

LDAP user accounts 
in the users database

If you remove or disable an LDAP user on your user awareness or RUA LDAP 
servers, or exclude the user name from being reported to the Defense Center, 
the Defense Center does not remove that user from the users database, and that 
user continues to count against your licensed limit for users listed in the 
database. You must manually purge the user from the database. For Version 5.x, 
note that the user license limit is applied in parallel for access-controlled users; 
the user count for access-controlled users depends on the number of users 
retrieved by your LDAP configuration.