Hi,
Deployment: distributed
Windows OS: Windows Server 2008 SP2
Websense Version: 7.7.3
This issue just started in the last two days.
I have had 3 users that all of a sudden had our "Default Policy" applied to them. This is a problem because our "Default Policy" is set to block everything.
We are using LDAP groups to apply policies to user. I thought at first there was a problem with the group so I checked with a few other users who shared groups with the users I was having issues with and they were all okay. I still confirmed that the user was still apart of the appropriate group.
I then used the "Check Policy" feature to see what policy was being applied to the user. This checked out okay. Websense was reporting the correct group and policy for that user.
I finally resorted to running the TestLogServer.exe and this is where I discovered that for some reason our "Default Policy" was being applied to the user. In the TestLogServer.exe output all the user information checks out. The system identifies the user correctly. But the wrong policy is applied.
I made sure that the users machine has the appropriate connections to the server as well.
I tried clearing the User Cache but that did not correct the issue either. The only thing I was able to do to get the user working again was to restart the server where the Filter Agent is installed.
The server is not reporting any errors and is not exhibiting any abnormal behavior besides the above and as far as I can tell this issue is completely random (I can't find any connection linking the users accounts that have been affected).
Has anyone seen this before and know what could be causing it? My concern is that the issue will begin to escalate which would be bad!
Thank you