Go to the table of contents Go to the previous page Go to the next page View or print as PDF
User Identification > DC Agent > Configuring DC Agent
Configuring DC Agent
Web Security Help | Web Security Solutions | Version 7.8.x
Related topics:
Use the User Identification > DC Agent page to configure a new instance of DC Agent, as well as to configure the global settings that apply to all instances of DC Agent.
To add a new instance of DC Agent, first provide basic information about where the agent is installed, and how Filtering Service should communicate with it. These settings may be unique to each agent instance.
Under Basic Agent Configuration, enter the IPv4 address or hostname of the machine on which the agent is installed.
Enter the Port that DC Agent should use to communicate with other Websense components. The default is 30600.
To establish an authenticated connection between Filtering Service and DC Agent, select Enable authentication, and then enter a Password for the connection.
Next, customize global DC Agent communication and troubleshooting, domain controller polling, and computer polling settings. By default, changes that you make here affect all DC Agent instances.
Some of these settings can, however, be overridden in a configuration file (see the Using DC Agent for Transparent User Identification technical paper).
Under Domain Discovery, mark or clear Enable automatic domain discovery determine whether DC Agent automatically finds domains and domain controllers in your network.
How often to Discover domains. Domain discovery occurs at 24-hour intervals, by default.
Whether DC Agent or User Service is responsible for performing domain discovery.
In many environments, it is preferable to use User Service for domain discovery.
If DC Agent is used for domain discovery, the service must run with domain or enterprise admin privileges.
When User Service is installed on a Websense appliance or Linux server, the page includes a Linux WINS Server Information section. A WINS server is required to resolve domain names to domain controller IP addresses.
If you have not already provided WINS information on the Settings > Directory Services page, enter:
The account name of an Administrative user that can access the directory service.
The Password for the account.
Domain information for the account.
In the Domain Controller Polling section of the DC Agent Communication box, mark Enable domain controller polling to enable DC Agent to query domain controllers for user logon sessions.
To perform domain controller polling, the DC Agent service needs only read privileges on the domain controller. Automatic domain discovery (steps 1 and 2) and computer polling (step 7) require that the service run with elevated permissions.
You can specify which domain controllers each instance of DC Agent polls in a configuration file (see The dc_config.txt file).
Use the Query interval field to specify how often (in seconds) DC Agent queries domain controllers.
Decreasing the query interval may provide greater accuracy in capturing logon sessions, but also increases overall network traffic. Increasing the query interval decreases network traffic, but may also delay or prevent the capture of some logon sessions. The default is 10 seconds.
Use the User entry timeout field to specify how frequently (in hours) DC Agent refreshes the user entries in its map. The default is 24 hours.
Under Computer Polling, check Enable computer polling to enable DC Agent to query computers for user logon sessions. This may include computers that are outside the domains that the agent already queries.
DC Agent uses WMI (Windows Management Instruction) for computer polling. If you enable computer polling, configure the Windows Firewall on client machines to allow communication on port 135.
If DC Agent performs computer polling, the service must run with domain or enterprise admin privileges.
Enter a User map verification interval to specify how often DC Agent contacts client machines to verify which users are logged on. The default is 15 minutes.
DC Agent compares the query results with the user name/IP address pairs in the user map it sends to Filtering Service. Decreasing this interval may provide greater user map accuracy, but increases network traffic. Increasing the interval decreases network traffic, but also may decrease accuracy.
Enter a User entry timeout period to specify how often DC Agent refreshes entries obtained through computer polling in its user map. The default is 1 hour.
DC Agent removes any user name/IP address entries that are older than this timeout period, and that DC Agent cannot verify as currently logged on. Increasing this interval may lessen user map accuracy, because the map potentially retains old user names for a longer time.
Click OK to return to the User Identification page, then click OK again to cache your changes. Changes are not implemented until you click Save and Deploy.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
User Identification > DC Agent > Configuring DC Agent
Copyright 2016 Forcepoint LLC. All rights reserved.