The mystery has been solved, and the solution was painfully simple. Either the contractor or a remotely-connected WebSense technician had manually created the dc_config.txt file because for whatever reason DC Agent hadn't automatically created it.
Explorer was configured to hide file extensions. Thus, the guilty party didn't notice that he had actually created a file called dc_config.txt.txt. Take off the extra ".txt", restart the DC Agent service, et voila-all is well. Now, one might logically ask why DC Agent doesn't error out when it's started with no dc_config.txt, or why it doesn't automatically create one on its own in that case. There is no answer, though. -----Original Message----- From: John Hornbuckle [mailto:[email protected]<mailto:[email protected]>] Sent: Wednesday, July 15, 2009 12:49 PM To: NT System Admin Issues Subject: OT: Any WebSense Gurus? We had a vendor come in and install WebSense on a server for us. However, the vendor is stumped by a problem and I figured I'd see if any of the pros here had a solution. I'm brand new to WebSense myself, so I can't help much. The vendor has been working with WebSense tech support, but apparently they're stumped, too. The issue seems to be that the DC Agent utility isn't correctly getting users' usernames. Not 100% of the time, though--just most of the time. As best I can tell, the utility isn't correctly polling all of the DCs in the network. Here's some sample output from the TestLogServer utility: ===== time=Wed Jul 15 15:43:53 2009 version=3 server=10.0.0.1 source=150.176.37.70 dest=66.165.70.6 protocol= "http" url= "http://www.woot.com/salerss.aspx"; port= "80" category= 17 (SHOPPING) disposition= 1026 (Category Not Blocked) app type= "" keyword= "" user= "" bytes sent=0 bytes received=0 duration=0 time=Wed Jul 15 15:43:53 2009 version=3 server=10.0.0.1 source=10.11.7.106 dest=150.176.95.205 protocol= "https" url= "https://150.176.95.205/"; port= "443" category= 97 (EDUCATIONAL INSTITUTIONS) disposition= 1026 (Category Not Blocked) app type= "" keyword= "" user= "LDAP://10.11.1.2<http://10.11.1.2/> OU=Users,OU=PPS,DC=taylor,DC=k12,DC=fl,DC=us/George Clayton" bytes sent=0 bytes received=0 duration=0 ===== Notice that in the first entry, there's no username. There is in the second entry, though. The common thread is that every time a user is correctly identified, it's from the same DC: 10.11.1.2. So it appears that DC Agent is correctly polling that DC, but none of my others. All of them are listed in the dc_config.txt file, though. Any ideas what might be keeping it from talking to the other DCs? John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 www.taylor.k12.fl.us<http://www.taylor.k12.fl.us/> NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
