Configure the Cisco Defense Orchestrator for Cross-Domain-Trust Step 2: Synchronize Users and Groups

After you configure two or more Active Directory servers that have a cross-domain trust relationship, you must download users and groups. That process exposes possible issues with the Active Directory configuration (for example, groups or users downloaded for one Active Directory domain but not the other).

Before you begin

Make sure you have performed the tasks discussed in Configure the Cisco Defense Orchestrator for Cross-Domain-Trust Step 1: Configure Realms and Directories.

Procedure


Step 1

Log in to the CDO.

Step 2

Click System (system gear icon) > Integration > Realms.

Step 3

At the end of the row of any realm in the cross-domain trust, click (Download Now), then click Yes.

Step 4

Click Check Mark (check mark icon) (Notifications) > Tasks.

If groups and users fail to download, try again. If subsequent attempts fail, review your realm and directory setup as discussed in Realm Fields and Realm Directory and Synchronize fields.

If you're using a proxy or proxy sequence, make sure all managed devices can communicate with Active Directory or ISE/ISE-PIC. If more than one managed device can communicate with ISE/ISE-PIC, we strongly recommend you set up a proxy sequence for the realm as discussed in Create a Proxy Sequence

Step 5

Click System (system gear icon) > Integration > Realms > Sync Results.