Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 2 subscribers
  • Views 12641 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Protection reporting not showing usernames

charlie145
Model: ASG120
Firmware version: 9.201-23

We have all our users sync'd through Active Directory and they appear in the Users tab of Users & Groups OK. 

However, when we run reporting through:

Logging & Reporting > Web Protection > Web Usage Report > Available Reports: Users

to show how much traffic each user is using the usernames don't display. 

We have some that appear as DOMAIN\username, some appear as username.domain.local and some appear as hostname.domain.local

We also have departments setup with users added but when changing from 'All Departments' to select an individual department for the report nothing shows up at all. 

Can anyone offer any help regarding why the reporting is unable to display the users properly?


This thread was automatically locked due to age.
Parents
  • 0
    I hadn't thought of the clock.  I know that joining isn't possible if there's more than 5 minutes of separation, but I didn't realize that that also applied to authentication - thanks!  So, based on that, it sounds like you need to re-examine NTP in your network.  I usually have the clients get time from the Domain Controller, have it get time from the UTM and have the UTM get time from pool.ntp.org (see 'Management >> System Settings' 'Time and Date').

    When you see username.domain.local, the AD wasn't authenticating the user and the HTTP request was handled by the Transparent Proxy or the Base Policy.  I didn't see that  anyone was auth'd by a different method for a different Profile.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    I hadn't thought of the clock.  I know that joining isn't possible if there's more than 5 minutes of separation, but I didn't realize that that also applied to authentication - thanks!  So, based on that, it sounds like you need to re-examine NTP in your network.  I usually have the clients get time from the Domain Controller, have it get time from the UTM and have the UTM get time from pool.ntp.org (see 'Management >> System Settings' 'Time and Date').

    When you see username.domain.local, the AD wasn't authenticating the user and the HTTP request was handled by the Transparent Proxy or the Base Policy.  I didn't see that  anyone was auth'd by a different method for a different Profile.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?