Guest

Cisco ASA 5500-X Series Next-Generation Firewalls

Installation Release Notes for Cisco Active Directory Agent

  • Viewing Options

  • PDF (90.9 KB)
  • Feedback
README First for the Cisco Active Directory Agent

Table Of Contents

README First for the Cisco Active Directory Agent

Pre-installation Requirements


README First for the Cisco Active Directory Agent


Released: June 20, 2011

This document contains release information for the Beta release of the Active Directory Agent (AD Agent) 1.0.0.32, Build 539.

The AD Agent, which runs on a Windows server, monitors in real time a collection of Active Directory domain controllers for authentication-related events.

Active Directory (AD) Agent

Supported versions include Windows 2003, Windows 2008, and Windows 2008 R2.


Note Windows 2003 R2 is not supported for the AD Agent server.


Microsoft Active Directory

Supported versions include Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2.

Pre-installation Requirements

Before running the AD Agent Installer, you must install the following patches on every Microsoft Active Directory server that the AD Agent monitors. These patches are required even when the AD Agent is installed directly on the domain controller server.


Note When running the adacfg dc create command for the AD Agent installer, the installer displays a warning message listing the required Windows Server patches. See the Installation and Setup Guide for the Active Directory Agent for detailed installation instructions.


Windows Server 2003

No patch is required.

Windows Server 2008

http://support.microsoft.com/kb/958124

This patch fixes a memory leak in Microsoft WMI, which if left uninstalled can prevent the AD Agent from successfully connecting with that domain-controller and achieving an "up" status.

http://support.microsoft.com/kb/973995

This patch fixes a memory leak in Microsoft WMI, which if left uninstalled can sporadically prevent Active Directory from writing the necessary authentication-related events to the Security Log for that domain-controller and would prevent the AD Agent from learning about the mappings corresponding to some of the user logins that authenticate through that domain-controller.

Windows Server 2008 R2

When the server is running Service Pack 1 (SP1), the following patch is not required.

http://support.microsoft.com/kb/981314

This patch fixes a memory leak in Microsoft WMI, which if left uninstalled can sporadically prevent Active Directory from writing the necessary authentication-related events to the Security Log for that domain-controller and would prevent the AD Agent from learning about the mappings corresponding to some of the user logins that authenticate through that domain-controller.