When does the Endpoint Agent query the AD server for User Group resolution


Article ID: 160197


Products

Data Loss Prevention Endpoint Prevent, Data Loss Prevention

Issue/Introduction

How often does the Endpoint Agent query the AD Server?
The Endpoint Agent queries the Active Directory (AD) Server to resolve the User Groups that policies target.

Symantec Data Loss Prevention (DLP) Endpoint

Resolution

The Endpoint Agent queries the AD Server every time the edpa process is started.  If the user shuts down their machine every night, the server will be queried when the machine is restarted.

If the Endpoint Agent stays up for seven days (the default), the agent queries the AD Server again. This value is configurable in the Advanced Agent Settings:

If the Endpoint user connects via VPN, the agent may not be able to reach the AD Server at startup, because the edpa process starts before the machine can connect to the AD Server. In this case, the agent will attempt to use the grp.ead file at startup, and will attempt the query again at the seven-day mark and beyond.

If there is no grp.ead file, and the Endpoint Agent cannot connect to the AD Server, the Endpoint Agent will treat the user as if they are in no group.
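
The lookup order described above can be replayed as a small model to see which endpoints end up with no group resolution. This is an added example, not Symantec agent code. It assumes that a successful AD query refreshes grp.ead and that the re-query repeats every seven days of uptime; the group name and session data are constructed.

```python
# Added illustration: models the lookup order described in the article.
# It is not Symantec agent code. Assumptions are marked below.
REQUERY_DAYS = 7  # default re-query interval stated in the article


def resolve_groups(ad_groups, cached_groups):
    """One lookup attempt. ad_groups is None when AD is unreachable;
    cached_groups is None when there is no grp.ead file."""
    if ad_groups is not None:
        return "AD", set(ad_groups)
    if cached_groups is not None:
        return "grp.ead", set(cached_groups)
    return "none", set()  # user is treated as being in no group


def simulate(sessions, cached_groups=None):
    """Replay edpa sessions and return one (day, source, groups) per attempt.

    Each session is (uptime_days, ad_at_start, ad_after_start), where the
    two AD values are the user's groups, or None if AD is unreachable.
    Assumption: a successful AD query refreshes grp.ead.
    Assumption: "seven-day mark and beyond" means every REQUERY_DAYS of uptime.
    """
    log, day = [], 0.0
    for uptime, ad_at_start, ad_after_start in sessions:
        offsets = [0] + list(range(REQUERY_DAYS, int(uptime) + 1, REQUERY_DAYS))
        for off in offsets:
            ad = ad_at_start if off == 0 else ad_after_start
            source, groups = resolve_groups(ad, cached_groups)
            if source == "AD":
                cached_groups = groups
            log.append((day + off, source, groups))
        day += uptime
    return log


def unresolved_attempts(log):
    """Attempts where the user resolved to no group: the coverage gap."""
    return [entry for entry in log if entry[1] == "none"]


# Constructed sample: a VPN user in group "Finance" with no grp.ead file yet.
FINANCE = {"Finance"}
nightly = simulate([(0.5, None, FINANCE)] * 10)  # shuts down every night
long_up = simulate([(8, None, FINANCE), (0.5, None, FINANCE)])  # up 8 days once
```

In this model the nightly-shutdown VPN user never reaches the seven-day re-query and stays in no group on every start, while the user who stays up past seven days resolves from AD once and from grp.ead on later starts.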