Change in active directory is not reflected in the Forcepoint Security Manager
- Article Number: 000004921
- Products: Forcepoint URL Filtering, Forcepoint Web Security, TRITON AP-WEB, Web Security Gateway, Web Security Gateway Anywhere, Web Security and Web Filter
- Version: 8.5, 8.4, 8.3, 8.2, 8.1, 8.0, 7.8, 7.7
- Last Published Date: June 12, 2020
After making a change to a user in Active Directory, this change is not being recognized in the Forcepoint Security Manager. How can this change be recognized?
By default, any information Forcepoint User Service receives from the Active Directory is cached for up to three hours.
When changing a user's directory service account, Forcepoint typically does not immediately recognize the change.
Some examples of changes are as follows:
Note In large environments, it is possible for user-based filtering to slow and users not receive correct policies for a brief period while recreating the directory service cache.
Important Using the Clear Cache button to clear the User Service cache does not clear the Filtering/Policy cache. As a result, changes will not take place immediately.
To have policy changes take effect more quickly after clearing directory service cache.
User Service Cache; filtering cache; user; group; ad; change; configuration; administration; directory services; 3 hour