We have just upgraded Sourcefire to 6.0. Did everything go smooth? Well, almost. Some users (me included) are having issues fetching users and groups from Active Directory realm. The error is:
Error fetching groups. Please check your directory configuration and try again.
The error does not manifest itself so obviously. We can still download users/groups by clicking Download Now (indicated by red number one on the image bellow), and the task *will* be successful, but when we refresh the retrieved results (red number two icon), we have the error from above.
In the Task Status window, we can see that groups and users are fetched successfully:
But still, we cannot refresh them and use them accurately in our policies.
The fix is very easy. We go under our realm configuration, System->Integration->Realm Configuration and we can see the user name that is used to connect to LDAP server(s) and pull the users and groups out. Previous version required it to be in displayed form:
We can see that the old form is CN=username,OU=someou,DC=domain,DC=tld, and that the Defense Center now wants it to be email@example.com, as indicated with the red square. So, the fix is easy: we change the form of the Directory Username field and save our changes:
Now, after we save changes, we can refresh our users and groups:
This should wrap up this issue.
Thanks for reading!