Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using DC Agent for Transparent User Identification > Configure DC Agent to ignore certain user names
Configure DC Agent to ignore certain user names
Using DC Agent | Web Protection Solutions | v8.2.x, v8.3.x | 10-Dec-2016
The method that some Windows services use to contact domain controllers from user machines can cause the users logged on to those machines to be misidentified. For example, problems can be caused by:
*
The internal user names (Local Service and Network Service) that Windows XP assigns for processes to use for communication with domain controllers
*
Running Systems Management Server (SMS) on a client machine.
To prevent or work around possible misidentification, configure your transparent identification agent to ignore logon names that are not associated with actual users.
1.
Use the Windows Services tool to stop the Websense DC Agent service.
2.
Navigate to the web protection bin directory (C:\Program Files\Websense\Web Security\bin, by default).
3.
Use a text editor to either create or open ignore.txt.
 
* 
Note 
To set a size limit for the ignore list, use the MaxIgnoreListSize initialization parameter.
4.
Populate the file as follows. Place each entry on a separate line.
*
Add each user name that should be ignored on its own line. Web protection software ignores these users, regardless of which machine they use.
*
To add a user name/machine pair, enter the user name, followed by a comma, and then the machine host name or IP address (ypark,YPARK-WS1). In this case, web protection software ignores the specified user only on the specified machine.
*
To add a machine, enter an asterisk (*), followed by a comma, followed by the machine host name, IP address, or IP address range.
The following example shows correctly formatted entries:
anonymous logon
admin,WKSTA-NAME
*, WKSTB-NAME
*, 10.209.34.56
*, 10.203.34.1-10.203.34.255
In this example, the Windows 7 service account anonymous logon is ignored on all machines, the user name admin is ignored only when associated with machine WKSTA-NAME, and logons for WKSTB-NAME, 10.209.34.56, and the network range 10.203.34.1 to 10.203.34.255 are ignored.
5.
When you are finished making changes, save and close the file.
6.
Start the Websense DC Agent service.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Using DC Agent for Transparent User Identification > Configure DC Agent to ignore certain user names
Copyright 2016 Forcepoint LLC. All rights reserved.