The IDex Agent

The IDex Agent is an application that you install on your Domain Controllers, which delivers log-on information to the Smoothwall Filter and Firewall. When a user logs on, IDex sends the username and group membership information, along with the device's IP address, to the Smoothwall Filter and Firewall. You don't need to install the agent on each device via group policy. However, it can't identify more than one user at an IP address. It doesn't continuously identify users, so that once a user is identified at an IP address, it is assumed that the same user is using the device, until another user logs on to the device at which point the Smoothwall Filter and Firewall is notified of the new log on.

Before you install the IDex Agent, you must first create an IDex Directory entry on the Directories page and map the Smoothwall Filter and Firewall user groups to the directory's group names.

The IDex Agent can't identify more than one user per IP address. If another user is detected at the same IP address, it's assumed to be a new user and that the previous user logged off. A manual synchronization of group mapping can be performed causing an immediate delivery of all group information for the domain to the Smoothwall Filter and Firewall by running: C:\Program Files\Smoothwall\IDexAgent\SendAdDataNow.exe

Troubleshooting

Errors from IDex Agent itself are recorded in the Windows Event log in the Application log section under the identifier IDexAgent.

In Group Policy Management make sure that you've Audit logon events and Audit account logon events set to log successful logins for your domain controllers under: Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Audit Policy.

You need to install the IDex Agent either manually, by a silent install or creating an Active Directory group policy object.

The IDex Agent communicates with the Smoothwall Filter and Firewall on TCP port 2948. You can't amend this, and you must create a Smoothwall access rule that accepts traffic on that port.

To make sure that web filtering policies are applied correctly according to group membership, you need a Core authentication web filter authentication policy.

The IDex Agent writes any connection errors to the Application event log (Control Panel > Administrative Tools > Event Viewer > Windows Logs > Application) of the Windows-based device. Log entries are prefixed with "IDexAgent".