Introduction
This document describes how to maintain or delete cached Active Directory (AD) users in the AD integration with Umbrella Virtual Appliances (VAs).
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on Umbrella Virtual Appliance.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Overview
The Virtual Appliance caches AD users and computer names against their unique source IP addresses. In rare circumstances, you may need to check or delete the AD information that is cached against an IP address.
This can apply when a user has been incorrectly associated with an IP address and you wish to immediately expire it.
Note: In normal scenarios, it is not necessary to manually expire users from the cache. Existing users are overridden when new users log on.
These steps are only necessary when the cache is incorrect due to a previous misconfiguration. See also our steps to create an Exception for an AD service account or Server IP.
Admap Tool
A restricted shell tool is available to check and clear the cache. To open the restricted shell, press CTRL+B on the appliance console.
Use these commands to manage the cache, replacing <IPAddress> with the relevant client IP address:
config admap view <IPAddress>
config admap clear <IPAddress>